|
288271
|
- |
|
siemens
|
wincc_tia_portal
|
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2013-0671
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288272
|
- |
|
siemens
|
wincc_tia_portal
|
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra…
|
CWE-20
Improper Input Validation
|
CVE-2013-0670
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288273
|
- |
|
siemens
|
wincc_tia_portal
|
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0669
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288274
|
- |
|
siemens
|
wincc_tia_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0668
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288275
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0667
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288276
|
- |
|
selinc
|
acselerator_quickset
|
Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0665
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288277
|
- |
|
zoneminder
|
zoneminder
|
Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.
|
CWE-22
Path Traversal
|
CVE-2013-0332
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288278
|
- |
|
zoneminder
|
zoneminder
|
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packa…
|
NVD-CWE-noinfo
|
CVE-2013-0232
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288279
|
- |
|
ibm
|
sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution
|
Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0506
|
2024-11-21 10:47 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288280
|
- |
|
ibm
|
sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution
|
IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and re…
|
CWE-200
CWE-20
Information Exposure
Improper Input Validation
|
CVE-2013-0505
|
2024-11-21 10:47 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
