|
289381
|
- |
|
bart_feenstra
|
payment
|
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0182
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289382
|
- |
|
thomas_seidl
|
search_api
|
Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0181
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289383
|
- |
|
ibm
|
lotus_domino
|
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2013-0489
|
2024-11-21 10:47 |
2013-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289384
|
- |
|
ibm
|
lotus_domino
|
Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0488
|
2024-11-21 10:47 |
2013-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289385
|
- |
|
ibm
|
lotus_domino
|
The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.
|
CWE-287
Improper Authentication
|
CVE-2013-0487
|
2024-11-21 10:47 |
2013-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289386
|
- |
|
ibm
|
lotus_domino
|
Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.
|
CWE-399
Resource Management Errors
|
CVE-2013-0486
|
2024-11-21 10:47 |
2013-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289387
|
- |
|
ibm
|
lotus_inotes
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0525
|
2024-11-21 10:47 |
2013-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289388
|
- |
|
canonical
samba
ibm
|
ubuntu_linux
samba
storwize
|
The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS sh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0454
|
2024-11-21 10:47 |
2013-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289389
|
- |
|
openstack
canonical
|
essex
folsom
grizzly
ubuntu_linux
|
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0335
|
2024-11-21 10:47 |
2013-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289390
|
- |
|
ibm
|
tivoli_endpoint_manager
|
Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before 8.2.1372 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0453
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
