|
288391
|
- |
|
apache
|
struts
|
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter usin…
|
CWE-20
Improper Input Validation
|
CVE-2013-2248
|
2024-11-21 10:51 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288392
|
- |
|
apache
|
struts
|
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to b…
|
CWE-94
Code Injection
|
CVE-2013-2135
|
2024-11-21 10:51 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288393
|
- |
|
apache
|
struts
|
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vuln…
|
CWE-94
Code Injection
|
CVE-2013-2134
|
2024-11-21 10:51 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288394
|
- |
|
quade
|
edit_limit
|
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2122
|
2024-11-21 10:51 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288395
|
- |
|
redhat
|
enterprise_linux
|
A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle failure to obtain wri…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2188
|
2024-11-21 10:51 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288396
|
- |
|
hp
|
network_node_manager_i
|
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vecto…
|
NVD-CWE-noinfo
|
CVE-2013-2351
|
2024-11-21 10:51 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288397
|
- |
|
hp
|
san\/iq
|
LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for…
|
CWE-255
Credentials Management
|
CVE-2013-2352
|
2024-11-21 10:51 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288398
|
8.1 |
HIGH
Network
|
apache
|
struts
|
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) …
|
CWE-94
Code Injection
|
CVE-2013-2115
|
2024-11-21 10:51 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288399
|
- |
|
spip
|
spip
|
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
|
NVD-CWE-noinfo
|
CVE-2013-2118
|
2024-11-21 10:51 |
2013-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288400
|
- |
|
openstack
|
havana
grizzly
folsom
|
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by cr…
|
CWE-399
Resource Management Errors
|
CVE-2013-2096
|
2024-11-21 10:51 |
2013-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
