|
292291
|
- |
|
wpshopstyling
|
wp-ecommerce-shop-styling
|
PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL i…
|
CWE-94
Code Injection
|
CVE-2013-0724
|
2024-11-21 10:48 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292292
|
- |
|
dell
|
openmanage_server_administrator
|
Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the …
|
CWE-20
Improper Input Validation
|
CVE-2013-0740
|
2024-11-21 10:48 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292293
|
- |
|
cartpauj
|
mingle-forum
|
Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to execute arbitrary SQL commands via the id parameter in a viewt…
|
CWE-89
SQL Injection
|
CVE-2013-0735
|
2024-11-21 10:48 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292294
|
- |
|
tracker-software
|
pdf-xchange_viewer
|
Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0729
|
2024-11-21 10:48 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292295
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and earlier allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0807
|
2024-11-21 10:48 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292296
|
- |
|
cartpauj
|
mingle-forum
|
Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words param…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0734
|
2024-11-21 10:48 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292297
|
- |
|
nuance
|
pdf_reader
|
Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0732
|
2024-11-21 10:48 |
2014-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292298
|
- |
|
combodo
|
itop
|
Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0805
|
2024-11-21 10:48 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292299
|
- |
|
ubuntu
|
metal_as_a_service
|
Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1070
|
2024-11-21 10:48 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292300
|
- |
|
ubuntu
|
metal_as_a_service
|
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1069
|
2024-11-21 10:48 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
