|
284321
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified ot…
|
CWE-399
Resource Management Errors
|
CVE-2013-6635
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284322
|
- |
|
google
|
chrome
|
The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows…
|
CWE-287
Improper Authentication
|
CVE-2013-6634
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284323
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6417
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284324
|
- |
|
rubyonrails
|
rails
|
Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6416
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284325
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote atta…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6415
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284326
|
- |
|
rubyonrails
|
rails
ruby_on_rails
|
actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a hea…
|
CWE-20
Improper Input Validation
|
CVE-2013-6414
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284327
|
- |
|
jamroom
|
search_module
|
Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6804
|
2024-11-21 10:59 |
2013-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284328
|
- |
|
chamilo
|
chamilo_lms
|
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remo…
|
CWE-89
SQL Injection
|
CVE-2013-6787
|
2024-11-21 10:59 |
2013-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284329
|
- |
|
ganglia
|
ganglia-web
|
Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6395
|
2024-11-21 10:59 |
2013-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284330
|
- |
|
dokeos
|
dokeos
|
SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2013-6341
|
2024-11-21 10:59 |
2013-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
