|
284471
|
6.1 |
MEDIUM
Network
|
cart66
|
cart66_lite_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) P…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5978
|
2024-11-21 10:58 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284472
|
9.8 |
CRITICAL
Network
|
zabbix
|
zabbix
|
Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.
|
CWE-89
SQL Injection
|
CVE-2013-5743
|
2024-11-21 10:58 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284473
|
6.1 |
MEDIUM
Network
|
exis-ti
|
exis_contexis
|
Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail acti…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6239
|
2024-11-21 10:58 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284474
|
8.0 |
HIGH
Network
|
eng
|
spagobi
|
Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, th…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2013-6234
|
2024-11-21 10:58 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284475
|
6.5 |
MEDIUM
Network
|
horde
debian
|
groupware
debian_linux
|
Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.
|
CWE-352
Origin Validation Error
|
CVE-2013-6275
|
2024-11-21 10:58 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284476
|
7.8 |
HIGH
Local
|
google
|
android
|
The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone call…
|
CWE-284
Improper Access Control
|
CVE-2013-6272
|
2024-11-21 10:58 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284477
|
7.8 |
HIGH
Local
|
apt-listbugs_project
debian
|
apt-listbugs
debian_linux
|
apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-6049
|
2024-11-21 10:58 |
2017-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284478
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The Birthday widget in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev25 and 7.4.x before 7.4.0-rev14, in certain user-id sharing scenarios, does not properly construct a SQL stateme…
|
CWE-200
Information Exposure
|
CVE-2013-6241
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284479
|
- |
|
pydio
ajaxplorer
|
pydio
ajaxplorer
|
Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by u…
|
NVD-CWE-Other
|
CVE-2013-6227
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284480
|
- |
|
softaculous
|
webuzo
|
The login function in Softaculous Webuzo before 2.1.4 provides different error messages for invalid authentication attempts depending on whether the user account exists, which allows remote attackers…
|
CWE-200
Information Exposure
|
CVE-2013-6043
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
