|
287201
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in the adminAuthorization function in data/class/helper/SC_Helper_Session.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2314
|
2024-11-21 10:51 |
2013-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287202
|
- |
|
lockon
|
ec-cube
|
Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2013-2313
|
2024-11-21 10:51 |
2013-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287203
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in the shopping-cart screen in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2312
|
2024-11-21 10:51 |
2013-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287204
|
- |
|
moodle
|
moodle
|
The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which …
|
CWE-20
Improper Input Validation
|
CVE-2013-2083
|
2024-11-21 10:51 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287205
|
- |
|
moodle
|
moodle
|
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote attackers to obtain sens…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2082
|
2024-11-21 10:51 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287206
|
- |
|
web2py
|
web2py
|
Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2311
|
2024-11-21 10:51 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287207
|
- |
|
softbanktech
|
online_service_gate
|
The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Service Gate allow remote authenticated users to discover their own passwords, and consequently bypass an Office 365 restriction, via u…
|
CWE-200
Information Exposure
|
CVE-2013-2308
|
2024-11-21 10:51 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287208
|
- |
|
hp
|
service_manager_web_tier
|
Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2321
|
2024-11-21 10:51 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287209
|
- |
|
yahoo
|
yahoo\!_browser
|
The Yahoo! Browser application before 1.4.3 for Android allows remote attackers to spoof the address bar via a crafted web site.
|
NVD-CWE-noinfo
|
CVE-2013-2307
|
2024-11-21 10:51 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287210
|
- |
|
jb\+
|
jigbrowser\+
|
The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site.
|
NVD-CWE-noinfo
|
CVE-2013-2306
|
2024-11-21 10:51 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
