|
293611
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0674
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293612
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0672
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293613
|
- |
|
siemens
|
wincc_tia_portal
|
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2013-0671
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293614
|
- |
|
siemens
|
wincc_tia_portal
|
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra…
|
CWE-20
Improper Input Validation
|
CVE-2013-0670
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293615
|
- |
|
siemens
|
wincc_tia_portal
|
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0669
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293616
|
- |
|
siemens
|
wincc_tia_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0668
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293617
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0667
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293618
|
- |
|
selinc
|
acselerator_quickset
|
Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0665
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293619
|
- |
|
zoneminder
|
zoneminder
|
Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.
|
CWE-22
Path Traversal
|
CVE-2013-0332
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293620
|
- |
|
zoneminder
|
zoneminder
|
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packa…
|
NVD-CWE-noinfo
|
CVE-2013-0232
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
