|
285301
|
- |
|
bigtreecms
|
bigtree_cms
|
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/update.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for re…
|
CWE-352
Origin Validation Error
|
CVE-2013-5313
|
2024-11-21 10:57 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285302
|
- |
|
vastal
|
phpvid
|
Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to browse_videos.php or the (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5312
|
2024-11-21 10:57 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285303
|
- |
|
vastal
|
phpvid
|
Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browse_videos.php or (2) members.php. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2013-5311
|
2024-11-21 10:57 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285304
|
- |
|
mauro_lorenzutti
|
wfqbe
|
SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-5310
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285305
|
- |
|
ilia_alshanetsky
fudforum
|
fudforum
|
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5309
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285306
|
- |
|
juralsulek
|
realurlmanagement
|
Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5308
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285307
|
- |
|
kennziffer
|
ke_search
|
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5307
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285308
|
- |
|
die-netzmacher
|
browser
|
SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-5306
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285309
|
- |
|
joachim_ruhs
|
locator
|
Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5305
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285310
|
- |
|
joachim_ruhs
|
locator
|
SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-5304
|
2024-11-21 10:57 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
