|
283941
|
- |
|
synology
|
diskstation_manager
|
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary f…
|
CWE-22
Path Traversal
|
CVE-2013-6987
|
2024-11-21 11:00 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283942
|
- |
|
zenphoto
|
zenphoto
|
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4.5.4 allows remote authenticated administrators to execute arbitrary SQL commands via the tableprefix p…
|
CWE-89
SQL Injection
|
CVE-2013-7242
|
2024-11-21 11:00 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283943
|
- |
|
zenphoto
|
zenphoto
|
Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7241
|
2024-11-21 11:00 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283944
|
- |
|
cisco
|
unified_presence_server
|
SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.
|
CWE-89
SQL Injection
|
CVE-2013-6983
|
2024-11-21 11:00 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283945
|
- |
|
jforum
|
jforum
|
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the…
|
CWE-352
Origin Validation Error
|
CVE-2013-7209
|
2024-11-21 11:00 |
2013-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283946
|
- |
|
wordpress
|
wordpress
|
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of a…
|
CWE-352
Origin Validation Error
|
CVE-2013-7233
|
2024-11-21 11:00 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283947
|
- |
|
esri
|
arcgis_server
|
SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service.
|
CWE-89
SQL Injection
|
CVE-2013-7232
|
2024-11-21 11:00 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283948
|
- |
|
esri
|
arcgis_server
|
Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7231
|
2024-11-21 11:00 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283949
|
- |
|
openx
revive-adserver
|
openx
revive_adserver
|
SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver before 3.0.2, and OpenX Source 2.8.11 and earlier, allows remote attackers to e…
|
CWE-89
SQL Injection
|
CVE-2013-7149
|
2024-11-21 11:00 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283950
|
- |
|
cisco
|
ios_xe
|
Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709.
|
CWE-20
Improper Input Validation
|
CVE-2013-6981
|
2024-11-21 11:00 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
