|
287401
|
- |
|
belkin
|
n300_firmware
n300
|
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configur…
|
CWE-352
Origin Validation Error
|
CVE-2013-3089
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287402
|
- |
|
belkin
|
n900_firmware
n900
|
Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration…
|
CWE-352
Origin Validation Error
|
CVE-2013-3086
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287403
|
- |
|
belkin
|
f5d8236-4_v2
|
Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the …
|
CWE-352
Origin Validation Error
|
CVE-2013-3083
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287404
|
- |
|
cisco
|
linksys_wrt310n_router_firmware
linksys_wrt350n
|
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords and…
|
CWE-352
Origin Validation Error
|
CVE-2013-3068
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287405
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3066
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287406
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via ve…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3065
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287407
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2013-3064
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287408
|
- |
|
apachefriends
|
xampp
|
XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which allows remote attackers to modify xampp/lang.tmp and execute cross-site scripting (XSS) attacks via the WriteIntoLocalDisk metho…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2586
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287409
|
- |
|
codeaurora
|
android-msm
|
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.…
|
NVD-CWE-Other
|
CVE-2013-2599
|
2024-11-21 10:52 |
2014-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287410
|
- |
|
codeaurora
|
android-msm
|
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite s…
|
CWE-20
Improper Input Validation
|
CVE-2013-2598
|
2024-11-21 10:52 |
2014-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
