|
283921
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kerne…
|
CWE-20
Improper Input Validation
|
CVE-2013-7263
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283922
|
- |
|
umn
osgeo
|
mapserver
|
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2013-7262
|
2024-11-21 11:00 |
2014-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283923
|
- |
|
realnetworks
|
realplayer
|
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) ve…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7260
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283924
|
- |
|
dotnetblogengine
|
blogengine.net
|
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
|
CWE-200
Information Exposure
|
CVE-2013-6953
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283925
|
- |
|
web2ldap
|
web2ldap
|
Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "displaying group DN and ent…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7258
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283926
|
- |
|
codiad
|
codiad
|
Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Project Name field.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7257
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283927
|
- |
|
opsview
|
opsview
|
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-7256
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283928
|
- |
|
opsview
|
opsview
|
Open redirect vulnerability in Opsview before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-7255
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283929
|
- |
|
opsview
|
opsview
|
Cross-site scripting (XSS) vulnerability in Opsview before 4.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7254
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283930
|
- |
|
westerndeal
wordpress
|
advanced_dewplayer
wordpress
|
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
|
CWE-22
Path Traversal
|
CVE-2013-7240
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
