|
297281
|
- |
|
mailup
|
wp-mailup
|
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2640
|
2024-11-21 10:52 |
2013-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297282
|
- |
|
linux
|
linux_kernel
|
net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.
|
CWE-399
Resource Management Errors
|
CVE-2013-2636
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297283
|
- |
|
linux
|
linux_kernel
|
The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from ke…
|
CWE-399
Resource Management Errors
|
CVE-2013-2635
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297284
|
- |
|
linux
|
linux_kernel
|
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
|
CWE-399
Resource Management Errors
|
CVE-2013-2634
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297285
|
- |
|
matomo
|
matomo
|
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of par…
|
CWE-20
Improper Input Validation
|
CVE-2013-2633
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297286
|
- |
|
google
|
v8
chrome
|
Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted J…
|
NVD-CWE-Other
|
CVE-2013-2632
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297287
|
- |
|
curl_project
|
curl
|
lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-2617
|
2024-11-21 10:52 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297288
|
- |
|
rubygems
|
mini_magick
|
lib/mini_magick.rb in the MiniMagick Gem 1.3.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-2616
|
2024-11-21 10:52 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297289
|
- |
|
rubygems
|
fastreader
|
lib/entry_controller.rb in the fastreader Gem 1.0.8 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-2615
|
2024-11-21 10:52 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297290
|
9.8 |
CRITICAL
Network
|
milboj
|
flash_tool
|
The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file.
|
CWE-77
Command Injection
|
CVE-2013-2513
|
2024-11-21 10:51 |
2023-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
