|
293821
|
- |
|
ncrafts
|
formcraft
|
SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2013-7187
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293822
|
- |
|
steinberg
|
mymp3pro
|
Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows remote attackers to execute arbitrary code via a long string in a .m3u file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7186
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293823
|
- |
|
upc
|
ireland_cisco_epc2425
|
The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have a sufficiently large number of possible WPA-PSK passphrases, which makes it easier for remote attackers to obtain access via a br…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7136
|
2024-11-21 11:00 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293824
|
- |
|
wireshark
|
wireshark
|
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7114
|
2024-11-21 11:00 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293825
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (applicatio…
|
CWE-20
Improper Input Validation
|
CVE-2013-7113
|
2024-11-21 11:00 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293826
|
- |
|
wireshark
|
wireshark
|
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote atta…
|
CWE-20
Improper Input Validation
|
CVE-2013-7112
|
2024-11-21 11:00 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293827
|
- |
|
digium
|
asterisk
asterisk_digiumphones
certified_asterisk
|
Buffer overflow in the unpacksms16 function in apps/app_sms.c in Asterisk Open Source 1.8.x before 1.8.24.1, 10.x before 10.12.4, and 11.x before 11.6.1; Asterisk with Digiumphones 10.x-digiumphones …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7100
|
2024-11-21 11:00 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293828
|
- |
|
cisco
|
epc3925
|
Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a passwo…
|
CWE-352
Origin Validation Error
|
CVE-2013-6976
|
2024-11-21 11:00 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293829
|
- |
|
webbynode
|
webbynode
|
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a growln…
|
CWE-94
Code Injection
|
CVE-2013-7086
|
2024-11-21 11:00 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293830
|
- |
|
mike_stefanello
|
og_features
|
The OG Features module 6.x-1.x before 6.x-1.4 for Drupal does not properly override pages that have an access callback set to false, which allows remote attackers to bypass intended access restrictio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7067
|
2024-11-21 11:00 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
