|
285951
|
- |
|
mediawiki
|
mediawiki
|
(1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiMain.php, (5) ApiQueryDeletedrevs.php, (6) ApiTokens.php, and (7) ApiUnblock.php in includes/api/ in MediaWiki 1.19.x before 1.19.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4302
|
2024-11-21 10:55 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285952
|
- |
|
mediawiki
|
mediawiki
|
includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "<" (…
|
CWE-200
Information Exposure
|
CVE-2013-4301
|
2024-11-21 10:55 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285953
|
- |
|
simplemachines
|
simple_machines_forum
|
Unrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum before 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file…
|
NVD-CWE-Other
|
CVE-2013-4465
|
2024-11-21 10:55 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285954
|
- |
|
dropbear_ssh_project
|
dropbear_ssh
|
Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discov…
|
CWE-189
Numeric Errors
|
CVE-2013-4434
|
2024-11-21 10:55 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285955
|
- |
|
dropbear_ssh_project
|
dropbear_ssh
|
The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size w…
|
CWE-189
Numeric Errors
|
CVE-2013-4421
|
2024-11-21 10:55 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285956
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to…
|
CWE-264
CWE-200
Permissions, Privileges, and Access Controls
Information Exposure
|
CVE-2013-4299
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285957
|
- |
|
apache
|
sling_auth_core_component
sling
|
Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arb…
|
CWE-20
Improper Input Validation
|
CVE-2013-4390
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285958
|
- |
|
redhat
|
jboss_operations_network
|
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary direct…
|
CWE-20
Improper Input Validation
|
CVE-2013-4373
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285959
|
- |
|
apache
|
shindig
|
The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote attackers to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity…
|
CWE-200
Information Exposure
|
CVE-2013-4295
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285960
|
- |
|
redhat
|
jboss_operations_network
|
The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4293
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
