|
284271
|
- |
|
cru-inc
|
ditto_forensic_fieldstation_firmware
ditto_forensic_fieldstation
|
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests …
|
CWE-352
Origin Validation Error
|
CVE-2013-6883
|
2024-11-21 10:59 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284272
|
- |
|
cru-inc
|
ditto_forensic_fieldstation_firmware
ditto_forensic_fieldstation
|
Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the u…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6882
|
2024-11-21 10:59 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284273
|
- |
|
ibm
|
sametime
|
Cross-site scripting (XSS) vulnerability in the Web Application in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6733
|
2024-11-21 10:59 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284274
|
- |
|
ibm
|
websphere_service_registry_and_repository
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6721
|
2024-11-21 10:59 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284275
|
- |
|
ibm
|
security_access_manager_for_web
content_manager_ondemand_for_multiplatforms
global_security_kit
|
IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6329
|
2024-11-21 10:59 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284276
|
- |
|
ibm
|
sterling_connect_enterprise_http_option
|
Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6327
|
2024-11-21 10:59 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284277
|
- |
|
siemens
|
ruggedcom_rugged_operating_system
|
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (…
|
CWE-863
Incorrect Authorization
|
CVE-2013-6926
|
2024-11-21 10:59 |
2013-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284278
|
- |
|
siemens
|
ruggedcom_rugged_operating_system
|
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to hijack web sessions by predicting a session id value.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2013-6925
|
2024-11-21 10:59 |
2013-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284279
|
- |
|
php
opensuse
apple
|
php
opensuse
mac_os_x
|
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6420
|
2024-11-21 10:59 |
2013-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284280
|
- |
|
cisco
|
webex_sales_center
|
Cross-site scripting (XSS) vulnerability in the product-creation administrative page in Cisco WebEx Sales Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6711
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
