|
291311
|
- |
|
codeaurora
qualcomm
|
android-msm
quic_mobile_station_modem_kernel
|
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4738
|
2024-11-21 10:56 |
2014-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291312
|
- |
|
ideamk
|
eps_viewer
|
Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4979
|
2024-11-21 10:56 |
2014-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291313
|
- |
|
algosec
|
firewall_analyzer
|
Cross-site scripting (XSS) vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5092
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291314
|
- |
|
tripwire
|
tripwire_enterprise
|
Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) m_tar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5005
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291315
|
- |
|
webhive
|
timeline
|
Unrestricted file upload vulnerability in the user profile page feature in the Timeline Plugin 4.2.5p9 for SocialEngine allows remote authenticated users to execute arbitrary code by uploading a file…
|
NVD-CWE-Other
|
CVE-2013-4898
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291316
|
- |
|
springsignage
|
xibo
|
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add a…
|
CWE-352
Origin Validation Error
|
CVE-2013-4889
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291317
|
- |
|
springsignage
|
xibo
|
Cross-site scripting (XSS) vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the layout parameter in the layout page.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4888
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291318
|
- |
|
springsignage
|
xibo
|
SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to execute arbitrary SQL commands via the displayid parameter.
|
CWE-89
SQL Injection
|
CVE-2013-4887
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291319
|
- |
|
civicrm
|
civicrm
|
The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to …
|
CWE-89
SQL Injection
|
CVE-2013-4662
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291320
|
- |
|
civicrm
|
civicrm
|
CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4661
|
2024-11-21 10:56 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
