|
284231
|
6.5 |
MEDIUM
Adjacent
|
dlink
|
dir-865l_firmware
|
D-Link DIR-865L has Information Disclosure.
|
CWE-200
Information Exposure
|
CVE-2013-4856
|
2024-11-21 10:56 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284232
|
8.8 |
HIGH
Adjacent
|
dlink
|
dir-865l_firmware
|
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.
|
CWE-22
Path Traversal
|
CVE-2013-4855
|
2024-11-21 10:56 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284233
|
6.1 |
MEDIUM
Network
|
codeigniter
|
codeigniter
|
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4891
|
2024-11-21 10:56 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284234
|
9.8 |
CRITICAL
Network
|
asus
trendnet
|
rt-ac66u_firmware
tew-812dru_firmware
|
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4659
|
2024-11-21 10:56 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284235
|
- |
|
lixil
|
my_satis_genius_toilet
|
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat…
|
NVD-CWE-noinfo
|
CVE-2013-4866
|
2024-11-21 10:56 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284236
|
- |
|
redmine
|
redmine_git_hosting_plugin
|
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related …
|
CWE-77
Command Injection
|
CVE-2013-4663
|
2024-11-21 10:56 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284237
|
- |
|
umbraco
|
umbraco_cms
|
The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to …
|
CWE-287
Improper Authentication
|
CVE-2013-4793
|
2024-11-21 10:56 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284238
|
- |
|
eucalyptus
|
eucalyptus
|
The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service (traffic ampl…
|
CWE-19
Data Processing Errors
|
CVE-2013-4769
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284239
|
- |
|
owl
|
intranet_knowledgebase
|
Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php o…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4754
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284240
|
- |
|
claroline
|
claroline
|
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4753
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
