|
293751
|
- |
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity
intelligent_platforms_proficy_process_systems_with_cimplicity
intelligent_platforms_proficy_process_systems
|
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a…
|
CWE-20
Improper Input Validation
|
CVE-2013-0654
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293752
|
- |
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity
intelligent_platforms_proficy_process_systems_with_cimplicity
intelligent_platforms_proficy_process_systems
|
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPL…
|
CWE-22
Path Traversal
|
CVE-2013-0653
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293753
|
- |
|
ge
|
intelligent_platforms_proficy_real-time_information_portal
|
GE Intelligent Platforms Proficy Real-Time Information Portal does not restrict access to methods of an unspecified Java class, which allows remote attackers to obtain a username listing via an RMI c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0652
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293754
|
- |
|
ge
|
intelligent_platforms_proficy_real-time_information_portal
|
The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0651
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293755
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0462
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293756
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the virtual member manager (VMM) administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0461
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293757
|
- |
|
ibm
|
websphere_application_server
|
Cross-site request forgery (CSRF) vulnerability in the portlet subsystem in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 and 7.0 before 7.0.0.27 allows rem…
|
CWE-352
Origin Validation Error
|
CVE-2013-0460
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293758
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0459
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293759
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2, …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0458
|
2024-11-21 10:47 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293760
|
- |
|
sixapart
|
movable_type
|
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct e…
|
CWE-287
Improper Authentication
|
CVE-2013-0209
|
2024-11-21 10:47 |
2013-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
