|
290401
|
6.1 |
MEDIUM
Network
|
viewgit_project
|
viewgit
|
Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2294
|
2024-11-21 10:51 |
2020-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290402
|
9.8 |
CRITICAL
Network
|
login_security_project
|
login_security
|
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.
|
CWE-863
Incorrect Authorization
|
CVE-2013-2198
|
2024-11-21 10:51 |
2020-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290403
|
7.5 |
HIGH
Network
|
foscam
|
fi8620_firmware
|
An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.
|
CWE-863
Incorrect Authorization
|
CVE-2013-2574
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290404
|
9.8 |
CRITICAL
Network
|
tp-link
|
tl-sc_3130g_firmware
tl-sc_3171g_firmware
tl-sc_4171g_firmware
|
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a ma…
|
CWE-78
OS Command
|
CVE-2013-2573
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290405
|
7.5 |
HIGH
Network
|
tp-link
|
tl-sc_3130_firmware
tl-sc_3130g_firmware
tl-sc_3171g_firmware
tl-sc_4171g_firmware
|
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, whic…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2013-2572
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290406
|
9.8 |
CRITICAL
Network
|
zavio
|
f3105_firmware
f312a_firmware
|
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remov…
|
CWE-78
OS Command
|
CVE-2013-2570
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290407
|
7.5 |
HIGH
Network
|
zavio
|
f3105_firmware
f312a_firmware
|
A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access t…
|
CWE-287
Improper Authentication
|
CVE-2013-2569
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290408
|
9.8 |
CRITICAL
Network
|
zavio
|
f3105_firmware
f312a_firmware
|
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
|
CWE-78
OS Command
|
CVE-2013-2568
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290409
|
7.5 |
HIGH
Network
|
zavio
|
f3105_firmware
f312a_firmware
|
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sen…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2013-2567
|
2024-11-21 10:51 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290410
|
9.8 |
CRITICAL
Network
|
hcomm
|
xpient_iris
|
Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the…
|
CWE-20
Improper Input Validation
|
CVE-2013-2571
|
2024-11-21 10:51 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
