|
288361
|
- |
|
reviewboard
|
review_board
|
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2209
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288362
|
- |
|
apache
|
openoffice
|
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-2189
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288363
|
- |
|
haxx
canonical
redhat
opensuse
|
curl
libcurl
ubuntu_linux
enterprise_linux
opensuse
|
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possib…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2174
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288364
|
- |
|
theforeman
redhat
|
foreman
openstack
|
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary c…
|
CWE-94
Code Injection
|
CVE-2013-2121
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288365
|
- |
|
theforeman
redhat
|
foreman
openstack
|
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2113
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288366
|
- |
|
apache
collabnet
canonical
opensuse
|
subversion
ubuntu_linux
opensuse
|
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
|
NVD-CWE-noinfo
|
CVE-2013-2112
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288367
|
- |
|
apache
collabnet
opensuse
|
subversion
opensuse
|
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
|
CWE-20
Improper Input Validation
|
CVE-2013-2088
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288368
|
- |
|
hp
|
sitescope
|
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.
|
NVD-CWE-noinfo
|
CVE-2013-2367
|
2024-11-21 10:51 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288369
|
- |
|
monkey-project
|
monkey
|
Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2181
|
2024-11-21 10:51 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288370
|
- |
|
moodle
|
moodle
|
mod/feedback/lib.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 does not consider the mod/feedback:view capability before displaying…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2246
|
2024-11-21 10:51 |
2013-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
