|
283591
|
- |
|
wellintech
|
kingview
|
The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote atta…
|
CWE-22
Path Traversal
|
CVE-2013-6127
|
2024-11-21 10:58 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283592
|
- |
|
dhtmlx
|
dhtmlxspreadsheet
|
Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php in the Spreadsheet (dhtmlxSpreadsheet) plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6281
|
2024-11-21 10:58 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283593
|
- |
|
linksalpha
|
social_sharing_toolkit_plugin
|
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6280
|
2024-11-21 10:58 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283594
|
- |
|
dell
|
quest_one_password_manager
|
The Dell Quest One Password Manager, possibly 5.0, allows remote attackers to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid do…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6246
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283595
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to …
|
NVD-CWE-noinfo
|
CVE-2013-6245
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283596
|
- |
|
sap
|
netweaver
|
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML doc…
|
NVD-CWE-noinfo
|
CVE-2013-6244
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283597
|
- |
|
landing_pages_project
|
landing_pages_plugin
|
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.p…
|
CWE-89
SQL Injection
|
CVE-2013-6243
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283598
|
- |
|
vmware
|
vcenter_server
|
Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5971
|
2024-11-21 10:58 |
2013-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283599
|
- |
|
vmware
|
esx
esxi
|
hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic.
|
CWE-20
Improper Input Validation
|
CVE-2013-5970
|
2024-11-21 10:58 |
2013-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283600
|
- |
|
vbulletin
|
vbulletin
|
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldata[password], htmldata[confirmpassword], and htmldata[email] …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6129
|
2024-11-21 10:58 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
