|
285911
|
- |
|
machform
|
machform
|
Cross-site scripting (XSS) vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element_2 parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4950
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285912
|
- |
|
machform
|
machform
|
Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in t…
|
NVD-CWE-Other
|
CVE-2013-4949
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285913
|
- |
|
machform
|
machform
|
SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter.
|
CWE-89
SQL Injection
|
CVE-2013-4948
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285914
|
- |
|
sawmill
|
sawmill
|
Unspecified vulnerability in the update and build database page in Sawmill before 8.6.3 allows remote attackers to have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-4947
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285915
|
- |
|
bmc
|
service_desk_express
|
Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4946
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285916
|
- |
|
bmc
|
service_desk_express
|
Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) T…
|
CWE-89
SQL Injection
|
CVE-2013-4945
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285917
|
- |
|
fusedpress
|
buddypress-extended-frienship-request
|
Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin before 1.0.2 for WordPress, when the "Friend Connections" component is enabled, allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4944
|
2024-11-21 10:56 |
2013-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285918
|
- |
|
freebsd
|
freebsd
|
The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4851
|
2024-11-21 10:56 |
2013-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285919
|
- |
|
isc
suse
novell
opensuse
freebsd
mandriva
redhat
fedoraproject
hp
slackware
|
bind
suse_linux_enterprise_software_development_kit
suse_linux
dnsco_bind
opensuse
freebsd
business_server
enterprise_server
enterprise_linux
fedora
hp-ux
slackware_l…
|
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remo…
|
NVD-CWE-noinfo
|
CVE-2013-4854
|
2024-11-21 10:56 |
2013-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285920
|
- |
|
yahoo
moodle
|
yui
moodle
|
Cross-site scripting (XSS) vulnerability in flashuploader.swf in the Uploader component in Yahoo! YUI 3.5.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4942
|
2024-11-21 10:56 |
2013-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
