|
291641
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) site_…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0297
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291642
|
- |
|
apache
|
tomcat
|
Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor ha…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0346
|
2024-11-21 10:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291643
|
- |
|
elgg
|
elgg
|
Cross-site scripting (XSS) vulnerability in the Twitter widget in Elgg before 1.7.17 and 1.8.x before 1.8.13 allows remote attackers to inject arbitrary web script or HTML via the params[twitter_user…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0234
|
2024-11-21 10:47 |
2014-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291644
|
- |
|
apache
|
ofbiz
|
Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x all…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0177
|
2024-11-21 10:47 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291645
|
- |
|
ibm
|
java
|
Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries.
|
NVD-CWE-noinfo
|
CVE-2013-0485
|
2024-11-21 10:47 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291646
|
- |
|
libexpat_project
python
apple
|
libexpat
python
ipados
iphone_os
macos
watchos
tvos
|
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of serv…
|
CWE-611
XXE
|
CVE-2013-0340
|
2024-11-21 10:47 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291647
|
- |
|
xmlsoft
canonical
debian
suse
|
libxml2
ubuntu_linux
debian_linux
linux_enterprise_server
|
libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0339
|
2024-11-21 10:47 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291648
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running with older versions of jQuery that are vulnerable to CVE-2011-4969, allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0244
|
2024-11-21 10:47 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291649
|
- |
|
memcached
|
memcached
|
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0179
|
2024-11-21 10:47 |
2014-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291650
|
- |
|
open_source_development_team
fedoraproject
opensuse
gentoo
acme
|
sthttpd
fedora
opensuse
linux
thttpd
|
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0348
|
2024-11-21 10:47 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
