|
282991
|
- |
|
drupal
|
mrbs_module
|
Cross-site request forgery (CSRF) vulnerability in the MRBS module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-7407
|
2024-11-21 11:00 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282992
|
- |
|
mrbs_project
|
mrbs
|
SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-7406
|
2024-11-21 11:00 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282993
|
- |
|
jenkins
|
jenkins
|
Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7330
|
2024-11-21 11:00 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282994
|
- |
|
perl
|
cgi_application_module
|
The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via ve…
|
CWE-200
Information Exposure
|
CVE-2013-7329
|
2024-11-21 11:00 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282995
|
- |
|
linecorp
|
line
|
LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive …
|
CWE-310
Cryptographic Issues
|
CVE-2013-7144
|
2024-11-21 11:00 |
2014-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282996
|
- |
|
cobham
|
aviator_300
sailor_fleetbroadband_150
sailor_900_vsat
aviator_350
sailor_fleetbroadband_250
explorer_bgan
aviator_200
sailor_fleetbroadband_500
aviator_700d
|
Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200, 300, 350, and 700D devices do not properly restrict password recovery, which allows attackers to obtai…
|
NVD-CWE-Other
|
CVE-2013-7180
|
2024-11-21 11:00 |
2014-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282997
|
- |
|
zoll
|
monitor\/defibrillator
|
ZOLL Defibrillator / Monitor X Series has a default (1) supervisor password and (2) service password, which allows physically proximate attackers to modify device configuration and cause a denial of …
|
CWE-255
Credentials Management
|
CVE-2013-7395
|
2024-11-21 11:00 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282998
|
- |
|
splunk
|
splunk
|
The "runshellscript echo.sh" script in Splunk before 5.0.5 allows remote authenticated users to execute arbitrary commands via a crafted string. NOTE: this issue was SPLIT from CVE-2013-6771 per ADT…
|
CWE-94
Code Injection
|
CVE-2013-7394
|
2024-11-21 11:00 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282999
|
- |
|
apache
|
subversion
|
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfil…
|
CWE-59
Link Following
|
CVE-2013-7393
|
2024-11-21 11:00 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283000
|
- |
|
gitlist
|
gitlist
|
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.
|
NVD-CWE-Other
|
CVE-2013-7392
|
2024-11-21 11:00 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
