|
291111
|
- |
|
redmine
|
redmine_git_hosting_plugin
|
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related …
|
CWE-77
Command Injection
|
CVE-2013-4663
|
2024-11-21 10:56 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291112
|
- |
|
umbraco
|
umbraco_cms
|
The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to …
|
CWE-287
Improper Authentication
|
CVE-2013-4793
|
2024-11-21 10:56 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291113
|
- |
|
eucalyptus
|
eucalyptus
|
The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service (traffic ampl…
|
CWE-19
Data Processing Errors
|
CVE-2013-4769
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291114
|
- |
|
owl
|
intranet_knowledgebase
|
Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php o…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4754
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291115
|
- |
|
claroline
|
claroline
|
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4753
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291116
|
- |
|
h3c
hp
|
secbladefw
secpath1000fe
f1000-e_vpn_firewall
s5820_secblade_vpn_firewall_module
s7500e_secblade_vpn_firewall_module
s9500e_secblade_vpn_firewall_module
sr66_gigabit_firewall_module…
|
Unspecified vulnerability in HP and H3C VPN Firewall Module products SECPATH1000FE before 5.20.R3177 and SECBLADEFW before 5.20.R3177 allows remote attackers to cause a denial of service via unknown …
|
NVD-CWE-noinfo
|
CVE-2013-4840
|
2024-11-21 10:56 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291117
|
9.8 |
CRITICAL
Network
|
symantec
|
web_gateway
|
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-5017
|
2024-11-21 10:56 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291118
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a .. (dot dot) in the "l" parameter…
|
CWE-200
Information Exposure
|
CVE-2013-4728
|
2024-11-21 10:56 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291119
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a request to Admin/top.aspx.
|
CWE-200
Information Exposure
|
CVE-2013-4727
|
2024-11-21 10:56 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291120
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easi…
|
CWE-200
Information Exposure
|
CVE-2013-4725
|
2024-11-21 10:56 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
