|
283381
|
- |
|
lockon
|
ec-cube
|
data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON EC-CUBE 2.11.2 through 2.13.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the full pa…
|
CWE-200
Information Exposure
|
CVE-2013-5994
|
2024-11-21 10:58 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283382
|
- |
|
lockon
|
ec-cube
|
Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.0 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors related to refu…
|
CWE-352
Origin Validation Error
|
CVE-2013-5993
|
2024-11-21 10:58 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283383
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in the displaySystemError function in html/handle_error.php in LOCKON EC-CUBE 2.11.0 through 2.11.5 allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5992
|
2024-11-21 10:58 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283384
|
- |
|
lockon
|
ec-cube
|
The displaySystemError function in html/handle_error.php in LOCKON EC-CUBE 2.11.0 through 2.11.5 allows remote attackers to obtain sensitive information by leveraging incorrect handling of error-log …
|
CWE-200
Information Exposure
|
CVE-2013-5991
|
2024-11-21 10:58 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283385
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev25 and 7.4.x before 7.4.0-rev14 allows remote attackers to inject arbitrary web script or HTML via an atta…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6074
|
2024-11-21 10:58 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283386
|
- |
|
zkoss
|
zk_framework
|
Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5966
|
2024-11-21 10:58 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283387
|
- |
|
dlink
|
dsl-2740b_firmware
dsl-2740b
|
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that (1…
|
CWE-352
Origin Validation Error
|
CVE-2013-5730
|
2024-11-21 10:58 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283388
|
- |
|
softaculous
|
webuzo
|
Cross-site scripting (XSS) vulnerability in filemanager/login.php in the File Manager module in Softaculous Webuzo before 2.1.4 allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6042
|
2024-11-21 10:58 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283389
|
- |
|
vmware
|
workstation
player
|
VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5972
|
2024-11-21 10:58 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283390
|
- |
|
ajaxplorer
|
ajaxplorer
|
Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files v…
|
CWE-22
Path Traversal
|
CVE-2013-6226
|
2024-11-21 10:58 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
