|
291281
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easi…
|
CWE-200
Information Exposure
|
CVE-2013-4725
|
2024-11-21 10:56 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291282
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which make…
|
CWE-200
Information Exposure
|
CVE-2013-4724
|
2024-11-21 10:56 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291283
|
- |
|
radiothermostat
|
ct50_firmware
ct50
ct80_firmware
ct80
|
Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does not restrict access to the API, which allows remote attackers to change the operation mode, wifi connection settings, temperature …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4860
|
2024-11-21 10:56 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291284
|
- |
|
squash
|
square_squash
|
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap functi…
|
CWE-94
Code Injection
|
CVE-2013-5036
|
2024-11-21 10:56 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291285
|
- |
|
pcman\'s_ftp_server_project
|
pcman\'s_ftp_server
|
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4730
|
2024-11-21 10:56 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291286
|
- |
|
dlink
|
dir-826l_wireless_n600_cloud_router_firmware
dir-826l_wireless_n600_cloud_router
dir-505l_shareport_mobile_companion_firmware
dir-505l_shareport_mobile_companion
|
D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02 allows remote attackers to bypass authentication via a direct request when an authorized session is active.
|
CWE-287
Improper Authentication
|
CVE-2013-4772
|
2024-11-21 10:56 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291287
|
- |
|
broadcom
|
symantec_critical_system_protection
|
Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5016
|
2024-11-21 10:56 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291288
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2013-4726
|
2024-11-21 10:56 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291289
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allows remote attackers to redirect users to arbitrary web sites …
|
CWE-20
Improper Input Validation
|
CVE-2013-4723
|
2024-11-21 10:56 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291290
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/default.asp in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allow remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4722
|
2024-11-21 10:56 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
