|
290081
|
- |
|
webcalendar_project
|
webcalendar
|
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Categ…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1421
|
2024-11-21 10:49 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290082
|
- |
|
maygion
|
ip_camera_firmware
|
Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to execute arbitrary code via a long filename in a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1605
|
2024-11-21 10:49 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290083
|
- |
|
maygion
|
ip_camera_firmware
|
Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.
|
CWE-22
Path Traversal
|
CVE-2013-1604
|
2024-11-21 10:49 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290084
|
- |
|
wysija_newsletters_project
|
wysija_newsletters
|
Multiple SQL injection vulnerabilities in the Wysija Newsletters plugin before 2.2.1 for WordPress allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search or (2…
|
CWE-89
SQL Injection
|
CVE-2013-1408
|
2024-11-21 10:49 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290085
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE) bef…
|
CWE-352
Origin Validation Error
|
CVE-2013-1399
|
2024-11-21 10:49 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290086
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access to a catalog of private SSL keys, which allows remote authenticated users to obtain sensitive inform…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1398
|
2024-11-21 10:49 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290087
|
- |
|
commentluv
|
commentluv
|
Cross-site scripting (XSS) vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1409
|
2024-11-21 10:49 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290088
|
- |
|
i-doit
|
i-doit
|
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1413
|
2024-11-21 10:49 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290089
|
- |
|
geeklog
|
geeklog
|
Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1470
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290090
|
- |
|
glfusion
|
glfusion
|
Multiple cross-site scripting (XSS) vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the (1) subject parameter to profiles.php; (2) addre…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1466
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
