|
291421
|
- |
|
franz_holzinger
|
static_methods
|
Cross-site scripting (XSS) vulnerability in the Static Methods since 2007 (div2007) extension before 0.10.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5100
|
2024-11-21 10:57 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291422
|
- |
|
anchor
|
anchor_cms
|
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5099
|
2024-11-21 10:57 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291423
|
- |
|
mikejolley
|
download_monitor
|
Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the sort par…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5098
|
2024-11-21 10:57 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291424
|
5.4 |
MEDIUM
Network
|
otrs
|
otrs_itsm
otrs
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) ITSM 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7 allows remote authenticated users to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4718
|
2024-11-21 10:56 |
2021-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291425
|
8.8 |
HIGH
Network
|
otrs
|
otrs_itsm
otrs
|
Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbi…
|
CWE-89
SQL Injection
|
CVE-2013-4717
|
2024-11-21 10:56 |
2021-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291426
|
5.5 |
MEDIUM
Network
|
prestashop
|
prestashop
|
PrestaShop before 1.4.11 allows logout CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2013-4792
|
2024-11-21 10:56 |
2020-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291427
|
5.4 |
MEDIUM
Network
|
prestashop
|
prestashop
|
PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4791
|
2024-11-21 10:56 |
2020-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291428
|
6.5 |
MEDIUM
Network
|
micasaverde
|
veralite_firmware
|
Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that insta…
|
CWE-352
Origin Validation Error
|
CVE-2013-4865
|
2024-11-21 10:56 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291429
|
9.8 |
CRITICAL
Network
|
micasaverde
|
veralite_firmware
|
MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (S…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2013-4864
|
2024-11-21 10:56 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291430
|
8.8 |
HIGH
Network
|
micasaverde
|
veralite_firmware
|
The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port …
|
CWE-287
Improper Authentication
|
CVE-2013-4863
|
2024-11-21 10:56 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
