|
285061
|
- |
|
ibm
|
infosphere_information_server
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allow remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4059
|
2024-11-21 10:54 |
2014-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285062
|
- |
|
ibm
|
infosphere_information_server
|
Multiple SQL injection vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allow remote authenticated users to execute arbitrary…
|
CWE-89
SQL Injection
|
CVE-2013-4058
|
2024-11-21 10:54 |
2014-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285063
|
- |
|
ibm
|
infosphere_information_server
|
Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to…
|
CWE-352
Origin Validation Error
|
CVE-2013-4057
|
2024-11-21 10:54 |
2014-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285064
|
- |
|
kasseler-cms
|
kasseler-cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection…
|
CWE-352
Origin Validation Error
|
CVE-2013-3729
|
2024-11-21 10:54 |
2014-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285065
|
- |
|
kasseler-cms
|
kasseler-cms
|
Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat para…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3728
|
2024-11-21 10:54 |
2014-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285066
|
- |
|
kasseler-cms
|
kasseler-cms
|
SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. NOTE: this can be leveraged us…
|
CWE-89
SQL Injection
|
CVE-2013-3727
|
2024-11-21 10:54 |
2014-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285067
|
- |
|
abeel
|
simple_php_agenda
|
SQL injection vulnerability in edit_event.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3961
|
2024-11-21 10:54 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285068
|
- |
|
jpchacha
|
chasys_draw_ies
|
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3928
|
2024-11-21 10:54 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285069
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update …
|
CWE-22
Path Traversal
|
CVE-2013-3706
|
2024-11-21 10:54 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285070
|
- |
|
ibm
|
websphere_mq
|
Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7.5 before 7.5.0.3 allows remote attackers to read arbitrary files via a crafted URI.
|
CWE-22
Path Traversal
|
CVE-2013-4054
|
2024-11-21 10:54 |
2014-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
