|
291601
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a…
|
CWE-94
Code Injection
|
CVE-2013-4813
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291602
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert…
|
CWE-20
Improper Input Validation
|
CVE-2013-4811
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291603
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName a…
|
CWE-20
Improper Input Validation
|
CVE-2013-4812
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291604
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2013-4809
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291605
|
- |
|
opera
|
opera_browser
|
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4705
|
2024-11-21 10:56 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291606
|
- |
|
sophos
|
web_appliance
|
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second…
|
CWE-264
CWE-78
Permissions, Privileges, and Access Controls
OS Command
|
CVE-2013-4984
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291607
|
- |
|
sophos
|
web_appliance_firmware
|
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the…
|
CWE-78
OS Command
|
CVE-2013-4983
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291608
|
- |
|
cybozu
|
office
|
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4703
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291609
|
- |
|
twilightcms
|
twilight_cms
|
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a…
|
CWE-22
Path Traversal
|
CVE-2013-4900
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291610
|
- |
|
twilightcms
|
twilight_cms
|
Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4899
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
