|
286711
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Cross-site request forgery (CSRF) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote attackers to hijack the authentication of arbitrary users via vectors related to cooki…
|
CWE-352
Origin Validation Error
|
CVE-2013-3605
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286712
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.6 allow remote attackers to inject arbitrary web script or HTML via crafted input.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3604
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286713
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Cross-site scripting (XSS) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3603
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286714
|
- |
|
trivantis
|
coursemill_learning_management_system
|
SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3602
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286715
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.6 does not properly restrict JSP function calls, which allows remote authenticated users to perform arbitrary JSP operations by leveraging the Student ro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3601
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286716
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to gain privileges via a modified userid value to unspecified functions.
|
CWE-20
Improper Input Validation
|
CVE-2013-3600
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286717
|
- |
|
trivantis
|
coursemill_learning_management_system
|
userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and 6.8 allows remote attackers to gain privileges via a modified user-role value to home.html.
|
CWE-20
Improper Input Validation
|
CVE-2013-3599
|
2024-11-21 10:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286718
|
- |
|
emc
|
rsa_archer_egrc
|
Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-3277
|
2024-11-21 10:53 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286719
|
- |
|
emc
|
rsa_archer_egrc
|
EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3276
|
2024-11-21 10:53 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286720
|
- |
|
open-xchange
|
open-xchange_appsuite
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev18, 6.22.0 before rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3106
|
2024-11-21 10:53 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
