|
291011
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3058
|
2024-11-21 10:52 |
2013-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291012
|
- |
|
joomla
|
joomla\!
|
Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3057
|
2024-11-21 10:52 |
2013-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291013
|
- |
|
joomla
|
joomla\!
|
Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3056
|
2024-11-21 10:52 |
2013-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291014
|
- |
|
strongswan
|
strongswan
|
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
|
CWE-287
Improper Authentication
|
CVE-2013-2944
|
2024-11-21 10:52 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291015
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of servi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3080
|
2024-11-21 10:52 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291016
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (V…
|
CWE-94
Code Injection
|
CVE-2013-3079
|
2024-11-21 10:52 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291017
|
- |
|
sap
|
basis_communication_services
|
SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-3063
|
2024-11-21 10:52 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291018
|
- |
|
sap
|
production_planning_and_control
|
The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3062
|
2024-11-21 10:52 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291019
|
- |
|
sap
|
healthcare_industry_solution
erp_central_component
|
The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3061
|
2024-11-21 10:52 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291020
|
- |
|
crunchify
|
foursquare-checkins
|
Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin before 1.3 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that in…
|
CWE-352
Origin Validation Error
|
CVE-2013-2709
|
2024-11-21 10:52 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
