|
293811
|
- |
|
raoul_proenca
|
gnew
|
Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) answer_id or (2) question_id parameter to polls/vote.php, (3) story_id param…
|
CWE-89
SQL Injection
|
CVE-2013-5640
|
2024-11-21 10:57 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293812
|
- |
|
ibm
|
cognos_express
|
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static dec…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5445
|
2024-11-21 10:57 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293813
|
- |
|
ibm
|
cognos_express
|
The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2013-5444
|
2024-11-21 10:57 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293814
|
- |
|
ibm
|
cognos_express
|
Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authenticat…
|
CWE-352
Origin Validation Error
|
CVE-2013-5443
|
2024-11-21 10:57 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293815
|
- |
|
ibm
|
websphere_mq_internet_pass_thru
|
The command-port listener in IBM WebSphere MQ Internet Pass-Thru (MQIPT) 2.x before 2.1.0.1 allows remote attackers to cause a denial of service (remote-administration outage) via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-5401
|
2024-11-21 10:57 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293816
|
- |
|
apple
|
iphone_os
|
Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5133
|
2024-11-21 10:57 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293817
|
- |
|
zldnn
|
dnnarticle
|
SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid…
|
CWE-89
SQL Injection
|
CVE-2013-5117
|
2024-11-21 10:57 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293818
|
- |
|
raoul_proenca
|
gnew
|
Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the gnew_language cookie.
|
CWE-22
Path Traversal
|
CVE-2013-5639
|
2024-11-21 10:57 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293819
|
- |
|
ibm
|
algo_one
|
IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, does not encrypt…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5468
|
2024-11-21 10:57 |
2014-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293820
|
- |
|
irfanview
|
irfanview
|
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5351
|
2024-11-21 10:57 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
