|
287121
|
- |
|
wpsymposiumpro
|
wp_symposium
|
Open redirect vulnerability in invite.php in the WP Symposium plugin 13.04 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the…
|
CWE-20
Improper Input Validation
|
CVE-2013-2694
|
2024-11-21 10:52 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287122
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action t…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2643
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287123
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation va…
|
CWE-78
OS Command
|
CVE-2013-2642
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287124
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.
|
CWE-22
Path Traversal
|
CVE-2013-2641
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287125
|
- |
|
aspen
|
aspen
|
Directory traversal vulnerability in Aspen before 0.22 allows remote attackers to read arbitrary files via a .. (dot dot) to the default URI.
|
CWE-22
Path Traversal
|
CVE-2013-2619
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287126
|
- |
|
brother
|
mfc-9970cdw_firmware
mfc-9970cdw
|
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware L (1.10) allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) val p…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2671
|
2024-11-21 10:52 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287127
|
- |
|
brother
|
mfc-9970cdw_firmware
mfc-9970cdw
|
Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW printer with firmware G (1.03) and L (1.10) allows remote attackers to inject arbitrary web script or HTML via an arbitrary paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2670
|
2024-11-21 10:52 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287128
|
- |
|
umi-cms
|
umi.cms
|
Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator ac…
|
CWE-352
Origin Validation Error
|
CVE-2013-2754
|
2024-11-21 10:52 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287129
|
- |
|
schneider-electric
|
powerlogic_scada
struxureware_scada_expert_vijeo_citect
struxureware_powerscada_expert
citectscada
|
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogi…
|
NVD-CWE-Other
|
CVE-2013-2824
|
2024-11-21 10:52 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287130
|
- |
|
mitsubishielectric
|
mc-worx_suite
|
An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction…
|
CWE-94
Code Injection
|
CVE-2013-2817
|
2024-11-21 10:52 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
