|
292131
|
- |
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted HTTP (1) Range or (2) Request-Range header.
|
CWE-399
Resource Management Errors
|
CVE-2013-0494
|
2024-11-21 10:47 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292132
|
- |
|
ibm
|
informix_open_admin_tool
|
Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x before 3.11.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0492
|
2024-11-21 10:47 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292133
|
- |
|
ibm
|
api_management
|
Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 allows remote attackers to access tenant APIs, and consequently obtain sensitive information or modify data, via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0559
|
2024-11-21 10:47 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292134
|
- |
|
sun
|
sunos
|
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).
|
NVD-CWE-noinfo
|
CVE-2013-0398
|
2024-11-21 10:47 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292135
|
- |
|
drupal
|
drupal
|
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of othe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0246
|
2024-11-21 10:47 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292136
|
- |
|
drupal
|
drupal
|
The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows rem…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0245
|
2024-11-21 10:47 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292137
|
- |
|
moxiecode
wordpress
fedoraproject
|
plupload
wordpress
fedora
|
Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0237
|
2024-11-21 10:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292138
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the con…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0236
|
2024-11-21 10:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292139
|
- |
|
wordpress
|
wordpress
|
The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, relat…
|
NVD-CWE-Other
|
CVE-2013-0235
|
2024-11-21 10:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292140
|
- |
|
ibm
|
business_process_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0581
|
2024-11-21 10:47 |
2013-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
