|
286351
|
- |
|
zenphoto
|
zenphoto
|
Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7241
|
2024-11-21 11:00 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286352
|
- |
|
cisco
|
unified_presence_server
|
SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.
|
CWE-89
SQL Injection
|
CVE-2013-6983
|
2024-11-21 11:00 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286353
|
- |
|
jforum
|
jforum
|
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the…
|
CWE-352
Origin Validation Error
|
CVE-2013-7209
|
2024-11-21 11:00 |
2013-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286354
|
- |
|
wordpress
|
wordpress
|
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of a…
|
CWE-352
Origin Validation Error
|
CVE-2013-7233
|
2024-11-21 11:00 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286355
|
- |
|
esri
|
arcgis_server
|
SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service.
|
CWE-89
SQL Injection
|
CVE-2013-7232
|
2024-11-21 11:00 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286356
|
- |
|
esri
|
arcgis_server
|
Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7231
|
2024-11-21 11:00 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286357
|
- |
|
openx
revive-adserver
|
openx
revive_adserver
|
SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver before 3.0.2, and OpenX Source 2.8.11 and earlier, allows remote attackers to e…
|
CWE-89
SQL Injection
|
CVE-2013-7149
|
2024-11-21 11:00 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286358
|
- |
|
cisco
|
ios_xe
|
Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709.
|
CWE-20
Improper Input Validation
|
CVE-2013-6981
|
2024-11-21 11:00 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286359
|
- |
|
zimbra
|
collaboration_server
|
Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and earlier, and 8.0.x through 8.0.5, has "critical" impact and unspecified vectors, a different vulnerability than CVE-2013-7091.
|
NVD-CWE-noinfo
|
CVE-2013-7217
|
2024-11-21 11:00 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286360
|
- |
|
etoshop
|
classifieds_creator
|
Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to demo/classifieds/product.asp, or (2) UserID or (…
|
CWE-89
SQL Injection
|
CVE-2013-7216
|
2024-11-21 11:00 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
