|
283241
|
- |
|
nagios
|
nagios_xi
|
SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parame…
|
CWE-89
SQL Injection
|
CVE-2013-6875
|
2024-11-21 10:59 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283242
|
- |
|
vortexgroup
|
light_alloy
|
Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows remote attackers to execute arbitrary code via a long URL in a .m3u file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6874
|
2024-11-21 10:59 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283243
|
- |
|
testa
|
online_test_management_system
|
SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the test_id parameter.
|
CWE-89
SQL Injection
|
CVE-2013-6873
|
2024-11-21 10:59 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283244
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6870
|
2024-11-21 10:59 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283245
|
- |
|
jenkins-ci
|
build_failure_analyzer
|
Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6374
|
2024-11-21 10:59 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283246
|
- |
|
jenkins-ci
|
exclusion
|
The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6373
|
2024-11-21 10:59 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283247
|
- |
|
sap
|
netweaver
|
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-6869
|
2024-11-21 10:59 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283248
|
- |
|
sybase
|
adaptive_server_enterprise
|
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unsp…
|
CWE-200
Information Exposure
|
CVE-2013-6868
|
2024-11-21 10:59 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283249
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-6867
|
2024-11-21 10:59 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283250
|
- |
|
sybase
|
adaptive_server_enterprise
|
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via un…
|
CWE-94
Code Injection
|
CVE-2013-6866
|
2024-11-21 10:59 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
