|
289231
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0307
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289232
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted iCalendar file to the calendar appli…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0298
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289233
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) site_…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0297
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289234
|
- |
|
apache
|
tomcat
|
Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor ha…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0346
|
2024-11-21 10:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289235
|
- |
|
elgg
|
elgg
|
Cross-site scripting (XSS) vulnerability in the Twitter widget in Elgg before 1.7.17 and 1.8.x before 1.8.13 allows remote attackers to inject arbitrary web script or HTML via the params[twitter_user…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0234
|
2024-11-21 10:47 |
2014-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289236
|
- |
|
apache
|
ofbiz
|
Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x all…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0177
|
2024-11-21 10:47 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289237
|
- |
|
ibm
|
java
|
Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries.
|
NVD-CWE-noinfo
|
CVE-2013-0485
|
2024-11-21 10:47 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289238
|
- |
|
libexpat_project
python
apple
|
libexpat
python
ipados
iphone_os
macos
watchos
tvos
|
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of serv…
|
CWE-611
XXE
|
CVE-2013-0340
|
2024-11-21 10:47 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289239
|
- |
|
xmlsoft
canonical
debian
suse
|
libxml2
ubuntu_linux
debian_linux
linux_enterprise_server
|
libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0339
|
2024-11-21 10:47 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289240
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running with older versions of jQuery that are vulnerable to CVE-2011-4969, allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0244
|
2024-11-21 10:47 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
