|
283801
|
- |
|
b2evolution
|
b2evolution
|
Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL inj…
|
CWE-352
Origin Validation Error
|
CVE-2013-7352
|
2024-11-21 11:00 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283802
|
- |
|
checkpoint
|
security_gateway
|
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown…
|
NVD-CWE-noinfo
|
CVE-2013-7350
|
2024-11-21 11:00 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283803
|
- |
|
linux
|
linux_kernel
|
Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other i…
|
CWE-399
Resource Management Errors
|
CVE-2013-7348
|
2024-11-21 11:00 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283804
|
- |
|
raoul_proenca
|
gnew
|
Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter to news/send.php, (2) thread_id parameter to posts/edit.ph…
|
CWE-89
SQL Injection
|
CVE-2013-7349
|
2024-11-21 11:00 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283805
|
- |
|
redhat
|
conga
enterprise_linux
|
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLI…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7347
|
2024-11-21 11:00 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283806
|
- |
|
getsymphony
|
symphony
|
Cross-site request forgery (CSRF) vulnerability in Symphony CMS before 2.3.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via…
|
CWE-352
Origin Validation Error
|
CVE-2013-7346
|
2024-11-21 11:00 |
2014-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283807
|
- |
|
linux
|
linux_kernel
|
The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecif…
|
CWE-476
NULL Pointer Dereference
|
CVE-2013-7339
|
2024-11-21 11:00 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283808
|
- |
|
christos_zoulas
php
debian
|
file
php
debian_linux
|
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to ca…
|
NVD-CWE-noinfo
|
CVE-2013-7345
|
2024-11-21 11:00 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283809
|
- |
|
owncloud
|
owncloud
|
Unspecified vulnerability in core/settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue …
|
NVD-CWE-noinfo
|
CVE-2013-7344
|
2024-11-21 11:00 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283810
|
- |
|
flowplayer
|
flowplayer_html5
|
Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback para…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7342
|
2024-11-21 11:00 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
