|
284541
|
6.1 |
MEDIUM
Network
|
emberjs
|
ember.js
|
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into su…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4170
|
2024-11-21 10:55 |
2022-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284542
|
7.8 |
HIGH
Local
|
qemu
|
qemu
|
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially r…
|
-
|
CVE-2013-4536
|
2024-11-21 10:55 |
2021-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284543
|
4.3 |
MEDIUM
Network
|
organic_groups_project
|
organic_groups
|
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authen…
|
CWE-863
Incorrect Authorization
|
CVE-2013-4228
|
2024-11-21 10:55 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284544
|
6.5 |
MEDIUM
Network
|
drupal
|
authenticated_user_page_caching
|
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combinatio…
|
CWE-862
Missing Authorization
|
CVE-2013-4226
|
2024-11-21 10:55 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284545
|
8.8 |
HIGH
Network
|
mozilla
|
persona
|
Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack…
|
CWE-352
Origin Validation Error
|
CVE-2013-4227
|
2024-11-21 10:55 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284546
|
9.1 |
CRITICAL
Network
|
getbutterfly
|
portable-phpmyadmin
|
WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
|
CWE-287
Improper Authentication
|
CVE-2013-4454
|
2024-11-21 10:55 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284547
|
9.8 |
CRITICAL
Network
|
openx
|
openx
|
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code
|
CWE-94
Code Injection
|
CVE-2013-4211
|
2024-11-21 10:55 |
2020-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284548
|
5.5 |
MEDIUM
Local
|
avira
|
antivir_mailgate
antivir_mailgate_suite
exchange_security
antivir_webgate
antivir_webgate_suite
antivir_sharepoint
professional_security
antivir_personal
savapi
antivirus_s…
|
A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2013-4602
|
2024-11-21 10:55 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284549
|
6.1 |
MEDIUM
Network
|
simplemachines
|
simple_machines_forum
|
Simple Machines Forum (SMF) through 2.0.5 has XSS
|
CWE-79
Cross-site Scripting
|
CVE-2013-4395
|
2024-11-21 10:55 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284550
|
8.8 |
HIGH
Network
|
restful_web_services_project
|
restful_web_services
|
The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote au…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2013-4225
|
2024-11-21 10:55 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
