|
285361
|
6.1 |
MEDIUM
Network
|
codeigniter
|
codeigniter
|
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4891
|
2024-11-21 10:56 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285362
|
9.8 |
CRITICAL
Network
|
asus
trendnet
|
rt-ac66u_firmware
tew-812dru_firmware
|
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4659
|
2024-11-21 10:56 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285363
|
- |
|
lixil
|
my_satis_genius_toilet
|
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat…
|
NVD-CWE-noinfo
|
CVE-2013-4866
|
2024-11-21 10:56 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285364
|
- |
|
redmine
|
redmine_git_hosting_plugin
|
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related …
|
CWE-77
Command Injection
|
CVE-2013-4663
|
2024-11-21 10:56 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285365
|
- |
|
umbraco
|
umbraco_cms
|
The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to …
|
CWE-287
Improper Authentication
|
CVE-2013-4793
|
2024-11-21 10:56 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285366
|
- |
|
eucalyptus
|
eucalyptus
|
The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service (traffic ampl…
|
CWE-19
Data Processing Errors
|
CVE-2013-4769
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285367
|
- |
|
owl
|
intranet_knowledgebase
|
Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php o…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4754
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285368
|
- |
|
claroline
|
claroline
|
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4753
|
2024-11-21 10:56 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285369
|
- |
|
h3c
hp
|
secbladefw
secpath1000fe
f1000-e_vpn_firewall
s5820_secblade_vpn_firewall_module
s7500e_secblade_vpn_firewall_module
s9500e_secblade_vpn_firewall_module
sr66_gigabit_firewall_module…
|
Unspecified vulnerability in HP and H3C VPN Firewall Module products SECPATH1000FE before 5.20.R3177 and SECBLADEFW before 5.20.R3177 allows remote attackers to cause a denial of service via unknown …
|
NVD-CWE-noinfo
|
CVE-2013-4840
|
2024-11-21 10:56 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285370
|
9.8 |
CRITICAL
Network
|
symantec
|
web_gateway
|
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-5017
|
2024-11-21 10:56 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
