|
286501
|
- |
|
anshul_sharma
|
category-grid-view-gallery
|
Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4117
|
2024-11-21 10:54 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286502
|
- |
|
linux
|
linux_kernel
|
The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving…
|
CWE-399
Resource Management Errors
|
CVE-2013-4125
|
2024-11-21 10:54 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286503
|
- |
|
php
|
php
|
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other imp…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-4113
|
2024-11-21 10:54 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286504
|
- |
|
blackberry
|
blackberry_os
z10
|
BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrict…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3692
|
2024-11-21 10:54 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286505
|
- |
|
sharp
|
aquos_hn-pp150_firmware
aquos_hn-pp150
|
The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 allows remote attackers to cause a denial of service (networking outage) via crafted packet data.
|
NVD-CWE-noinfo
|
CVE-2013-3655
|
2024-11-21 10:54 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286506
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an i…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3742
|
2024-11-21 10:54 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286507
|
- |
|
atlassian
|
crowd
|
Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to a "symmetric backdoor." NOTE: as of 20130704, the vendor could not reproduce the issue,…
|
NVD-CWE-Other
|
CVE-2013-3926
|
2024-11-21 10:54 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286508
|
- |
|
atlassian
|
crowd
|
Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or…
|
CWE-20
Improper Input Validation
|
CVE-2013-3925
|
2024-11-21 10:54 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286509
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3653
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286510
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3652
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
