|
287101
|
- |
|
kieranoshea
|
calendar
|
Cross-site request forgery (CSRF) vulnerability in the Calendar plugin before 1.3.3 for WordPress allows remote attackers to hijack the authentication of users for requests that add a calendar entry …
|
CWE-352
Origin Validation Error
|
CVE-2013-2698
|
2024-11-21 10:52 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287102
|
- |
|
ibm
|
smartcloud_control_desk
maximo_asset_management
|
frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2013-2998
|
2024-11-21 10:52 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287103
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not send the HSTS Strict-Transport-Security header, which makes it easier for man-in-the-middle attackers to hijack…
|
CWE-287
Improper Authentication
|
CVE-2013-3046
|
2024-11-21 10:52 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287104
|
- |
|
apache
citrix
|
cloudstack
cloudplatform
|
Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2758
|
2024-11-21 10:52 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287105
|
- |
|
citrix
|
cloudplatform
|
Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have unspecifie…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2757
|
2024-11-21 10:52 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287106
|
- |
|
apache
citrix
|
cloudstack
cloudplatform
|
Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging …
|
CWE-287
Improper Authentication
|
CVE-2013-2756
|
2024-11-21 10:52 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287107
|
- |
|
krisonav
|
krisonav
|
Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 allows remote attackers to hijack the authentication of administrators for requests that create user a…
|
CWE-352
Origin Validation Error
|
CVE-2013-2713
|
2024-11-21 10:52 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287108
|
- |
|
krisonav
|
krisonav
|
Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2712
|
2024-11-21 10:52 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287109
|
- |
|
webmaster-source
|
wp125
|
Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administra…
|
CWE-352
Origin Validation Error
|
CVE-2013-2700
|
2024-11-21 10:52 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287110
|
- |
|
tipsandtricks-hq
|
wordpress_simple_paypal_shopping_cart
|
Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for…
|
CWE-352
Origin Validation Error
|
CVE-2013-2705
|
2024-11-21 10:52 |
2014-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
