|
294871
|
- |
|
hp
|
sitescope
|
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd me…
|
NVD-CWE-noinfo
|
CVE-2013-4835
|
2024-11-21 10:56 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294872
|
- |
|
hp
|
application_lifecycle_management
|
Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327.
|
NVD-CWE-noinfo
|
CVE-2013-4834
|
2024-11-21 10:56 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294873
|
- |
|
iodata
|
rockdisk_firmware
rockdisk
|
Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4713
|
2024-11-21 10:56 |
2013-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294874
|
- |
|
nmap
opensuse
|
nmap
opensuse
|
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in …
|
NVD-CWE-Other
|
CVE-2013-4885
|
2024-11-21 10:56 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294875
|
- |
|
puppet
|
puppet_enterprise
|
Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions…
|
CWE-287
Improper Authentication
|
CVE-2013-4965
|
2024-11-21 10:56 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294876
|
- |
|
puppet
|
puppet_enterprise
|
The dashboard report in Puppet Enterprise before 3.0.1 allows attackers to execute arbitrary YAML code via a crafted report-specific type.
|
CWE-94
Code Injection
|
CVE-2013-4957
|
2024-11-21 10:56 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294877
|
- |
|
iodata
|
hdl2-a\/e
hdl2-ah
hdl2-a_firmware
hdl-a\/e
hdl-ah
hdl-as
hdl-a_firmware
|
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified v…
|
CWE-399
Resource Management Errors
|
CVE-2013-4712
|
2024-11-21 10:56 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294878
|
- |
|
juniper
|
junos
|
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 …
|
CWE-352
Origin Validation Error
|
CVE-2013-4689
|
2024-11-21 10:56 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294879
|
- |
|
ruckuswireless
|
zoneflex_2942__firmware
zoneflex_2942
|
Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5030
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294880
|
- |
|
hp
|
service_manager
|
Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4833
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
