|
284831
|
- |
|
oracle
|
siebel_crm
|
Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality and integrity via unknown vector…
|
NVD-CWE-noinfo
|
CVE-2013-5761
|
2024-11-21 10:58 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284832
|
- |
|
oxid-esales
|
eshop
|
Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition 5.…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5913
|
2024-11-21 10:58 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284833
|
- |
|
mostgear
|
easy_lan_folder_share
|
Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in the (1) r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6079
|
2024-11-21 10:58 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284834
|
- |
|
alienvault
|
open_source_security_information_management
|
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from par…
|
CWE-89
SQL Injection
|
CVE-2013-5967
|
2024-11-21 10:58 |
2013-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284835
|
- |
|
djangoproject
|
django
|
The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6044
|
2024-11-21 10:58 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284836
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller
|
Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.
|
CWE-20
Improper Input Validation
|
CVE-2013-6011
|
2024-11-21 10:58 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284837
|
- |
|
polarssl
|
polarssl
|
The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA pr…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5915
|
2024-11-21 10:58 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284838
|
- |
|
wearegumball
|
comment-attachment
|
Cross-site scripting (XSS) vulnerability in the Comment Attachment plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Attachment field title."
|
CWE-79
Cross-site Scripting
|
CVE-2013-6010
|
2024-11-21 10:58 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284839
|
- |
|
open-xchange
|
open-xchange_appsuite
|
CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting …
|
CWE-94
Code Injection
|
CVE-2013-6009
|
2024-11-21 10:58 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284840
|
- |
|
siemens
|
scalance_x-200_series_firmware
scalance_x-200
scalance_x-200irt
|
The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which a…
|
CWE-287
Improper Authentication
|
CVE-2013-5944
|
2024-11-21 10:58 |
2013-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
