|
295121
|
- |
|
open-xchange
|
open-xchange_appsuite
open-xchange_server
|
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authe…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5698
|
2024-11-21 10:57 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295122
|
- |
|
cisco
|
global_site_selector
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Global Site Selector (GSS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164.
|
CWE-352
Origin Validation Error
|
CVE-2013-5471
|
2024-11-21 10:57 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295123
|
- |
|
cisco
|
secure_access_control_system
|
Cisco Secure Access Control System (ACS) does not properly handle requests to read from the TACACS+ socket, which allows remote attackers to cause a denial of service (process crash) via malformed TC…
|
CWE-20
Improper Input Validation
|
CVE-2013-5470
|
2024-11-21 10:57 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295124
|
- |
|
paloaltonetworks
|
pan-os
|
Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5664
|
2024-11-21 10:57 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295125
|
- |
|
paloaltonetworks
|
pan-os
|
The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5663
|
2024-11-21 10:57 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295126
|
- |
|
cisco
|
ios
|
The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of AC…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5469
|
2024-11-21 10:57 |
2013-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295127
|
- |
|
id
|
id-software
libdigidoc
|
Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers …
|
CWE-22
Path Traversal
|
CVE-2013-5648
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295128
|
- |
|
adam_zaninovich
|
sounder
|
lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
|
CWE-94
Code Injection
|
CVE-2013-5647
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295129
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5646
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295130
|
- |
|
roundcube
|
webmail
|
Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5645
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
