|
289401
|
- |
|
siemens
|
wincc_tia_portal
|
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0669
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289402
|
- |
|
siemens
|
wincc_tia_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0668
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289403
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0667
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289404
|
- |
|
selinc
|
acselerator_quickset
|
Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0665
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289405
|
- |
|
zoneminder
|
zoneminder
|
Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.
|
CWE-22
Path Traversal
|
CVE-2013-0332
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289406
|
- |
|
zoneminder
|
zoneminder
|
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packa…
|
NVD-CWE-noinfo
|
CVE-2013-0232
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289407
|
- |
|
ibm
|
sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution
|
Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0506
|
2024-11-21 10:47 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289408
|
- |
|
ibm
|
sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution
|
IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and re…
|
CWE-200
CWE-20
Information Exposure
Improper Input Validation
|
CVE-2013-0505
|
2024-11-21 10:47 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289409
|
- |
|
jenkins
|
jenkins
|
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.
|
CWE-20
Improper Input Validation
|
CVE-2013-0331
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289410
|
- |
|
jenkins
|
jenkins
|
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0330
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
