|
297271
|
- |
|
schneider-electric
|
modicon_m340_bmx_noc_0401_firmware
modicon_m340_bmx_noe_0100_firmware
modicon_m340_bmx_noe_0100h_firmware
modicon_m340_bmx_noe_0110_firmware
modicon_m340_bmx_noe_0110h_firmware
modicon…
|
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2013-2763
|
2024-11-21 10:52 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297272
|
- |
|
ithemes
|
backupbuddy
|
importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2013-2744
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297273
|
- |
|
ithemes
|
backupbuddy
|
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allows remote attackers to bypass authentication via a crafted integer in the step parameter.
|
CWE-287
Improper Authentication
|
CVE-2013-2743
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297274
|
- |
|
ithemes
|
backupbuddy
|
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not reliably delete itself after completing a restore operation, which makes it easier for remote …
|
NVD-CWE-Other
|
CVE-2013-2742
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297275
|
- |
|
ithemes
|
backupbuddy
|
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not require that authentication be enabled, which allows remote attackers to obtain sensitive info…
|
CWE-287
Improper Authentication
|
CVE-2013-2741
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297276
|
- |
|
asterisk
|
open_source
certified_asterisk
digiumphones
|
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2686
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297277
|
- |
|
asterisk
|
open_source
|
Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2685
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297278
|
- |
|
synchroweb
|
synconnect
|
SQL injection vulnerability in index.php in Synchroweb Technology SynConnect 2.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter in a logoff action.
|
CWE-89
SQL Injection
|
CVE-2013-2690
|
2024-11-21 10:52 |
2013-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297279
|
- |
|
emc
|
smarts_network_configuration_manager
|
Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different …
|
NVD-CWE-noinfo
|
CVE-2013-2717
|
2024-11-21 10:52 |
2013-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297280
|
- |
|
thomas_seidl
|
search_api
|
Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2715
|
2024-11-21 10:52 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
