|
283071
|
- |
|
cynthia_fridsma
|
horizon_quick_content_management_system
|
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2013-7139
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283072
|
- |
|
horizon_quick_content_management_system_project
|
horizon_quick_content_management_system
|
Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2013-7138
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283073
|
- |
|
libreswan
|
libreswan
|
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd…
|
CWE-362
Race Condition
|
CVE-2013-7283
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283074
|
- |
|
qnap
|
qts
|
Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter.
|
CWE-22
Path Traversal
|
CVE-2013-7174
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283075
|
- |
|
synology
|
diskstation_manager
|
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6955
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283076
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange (OX) AppSuite 7.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an HTML email with crafted CS…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6997
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283077
|
- |
|
cisco
|
nx-os
|
The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote…
|
CWE-20
Improper Input Validation
|
CVE-2013-6982
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283078
|
- |
|
linux
|
linux_kernel
|
The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which al…
|
CWE-200
Information Exposure
|
CVE-2013-7281
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283079
|
- |
|
hansotools
|
hanso_player
|
Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier allows remote attackers to cause a denial of service (crash) via a long string in a .m3u file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7280
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283080
|
- |
|
anthony_mills
|
s3_video
|
Cross-site scripting (XSS) vulnerability in views/video-management/preview_video.php in the S3 Video plugin before 0.983 for WordPress allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7279
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
