|
288751
|
- |
|
microsoft
|
sharepoint_server
sharepoint_foundation
|
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0083
|
2024-11-21 10:46 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288752
|
- |
|
microsoft
|
sharepoint_server
sharepoint_foundation
|
Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Call…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0080
|
2024-11-21 10:46 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288753
|
- |
|
microsoft
|
visio_viewer
office_filter_pack
visio
|
Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vuln…
|
NVD-CWE-noinfo
|
CVE-2013-0079
|
2024-11-21 10:46 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288754
|
- |
|
redhat
|
enterprise_virtualization_manager
|
The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0168
|
2024-11-21 10:46 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288755
|
- |
|
xen
|
xen
|
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0151
|
2024-11-21 10:46 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288756
|
- |
|
ryan_davis
|
ruby_parser
|
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a pr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0162
|
2024-11-21 10:46 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288757
|
- |
|
redhat
|
openshift
openshift_origin
|
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0164
|
2024-11-21 10:46 |
2013-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288758
|
- |
|
cloudbees
jenkins
|
jenkins
|
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous re…
|
NVD-CWE-noinfo
|
CVE-2013-0158
|
2024-11-21 10:46 |
2013-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288759
|
- |
|
dell
|
powerconnect_6248p
|
The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0120
|
2024-11-21 10:46 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288760
|
- |
|
cs-cart
|
cs-cart
|
CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setti…
|
CWE-16
Configuration
|
CVE-2013-0118
|
2024-11-21 10:46 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
