|
285931
|
- |
|
zabbix
|
zabbix
|
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5572
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285932
|
- |
|
ibm
|
spss_collaboration_and_deployment_services
|
Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability …
|
NVD-CWE-noinfo
|
CVE-2013-5370
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285933
|
- |
|
cisco
|
telepresence_multipoint_switch
|
The Media Snapshot implementation on Cisco TelePresence Multipoint Switch (CTMS) devices allows remote authenticated users to cause a denial of service (device reload) by sending many Media Snapshot …
|
CWE-399
Resource Management Errors
|
CVE-2013-5516
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285934
|
- |
|
x2engine
|
x2crm
|
Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5693
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285935
|
- |
|
x2engine
|
x2crm
|
Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to inde…
|
CWE-22
Path Traversal
|
CVE-2013-5692
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285936
|
- |
|
simone_tellini
|
mod_accounting
|
SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header.
|
CWE-89
SQL Injection
|
CVE-2013-5697
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285937
|
- |
|
redhat
|
libvirt
|
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonst…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5651
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285938
|
- |
|
owasp
|
enterprise_security_api
|
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serializ…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5679
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285939
|
- |
|
cisco
|
identity_services_engine_software
|
Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter,…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5505
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285940
|
- |
|
cisco
|
identity_services_engine_software
|
Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an uns…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5504
|
2024-11-21 10:57 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
