|
284861
|
- |
|
friends_of_symfony_project
|
fosuserbundle
|
The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expens…
|
CWE-399
Resource Management Errors
|
CVE-2013-5750
|
2024-11-21 10:58 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284862
|
- |
|
tenable
|
securitycenter
|
Cross-site scripting (XSS) vulnerability in devform.php in Tenable SecurityCenter 4.6 through 4.7 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5911
|
2024-11-21 10:58 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284863
|
- |
|
sophos
|
unified_threat_management_software
|
Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-5932
|
2024-11-21 10:58 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284864
|
- |
|
real-estate-php-script
|
real_estate_php_script
|
SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
|
CWE-89
SQL Injection
|
CVE-2013-5931
|
2024-11-21 10:58 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284865
|
- |
|
real-estate-php-script
|
real_estate_php_script
|
Cross-site scripting (XSS) vulnerability in search_residential.php in Real Estate PHP Script allows remote attackers to inject arbitrary web script or HTML via the bos parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5930
|
2024-11-21 10:58 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284866
|
- |
|
platinum_seo_project
|
platinum_seo_plugin
|
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin before 1.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parame…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5918
|
2024-11-21 10:58 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284867
|
- |
|
rodrigo_coimbra
|
nospam_pti
|
SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the comment_post_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2013-5917
|
2024-11-21 10:58 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284868
|
- |
|
dahuasecurity
|
dvr2104h
dvr0404hd-a
dvr1604hd-l
dvr2104hc
dvr5216a
dvr5104he
dvr3204lf-al
dvr5204a
dvr3204hf-s
dvr0404hd-s
dvr0804
dvr5104h
dvr5804
dvr2116h
dvr2404lf-al
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain ad…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5754
|
2024-11-21 10:58 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
284869
|
- |
|
sap
|
netweaver
|
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2013-5751
|
2024-11-21 10:58 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284870
|
- |
|
wireshark
|
wireshark
|
The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-5721
|
2024-11-21 10:58 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
