|
288071
|
- |
|
michael_staatz
|
sofortueberweisung2commerce
|
SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-4681
|
2024-11-21 10:56 |
2013-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288072
|
- |
|
urs_maag
|
maag_form_captcha
|
Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified ve…
|
NVD-CWE-noinfo
|
CVE-2013-4680
|
2024-11-21 10:56 |
2013-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288073
|
- |
|
fortinet
|
forticlient
forticlient_lite
forticlient_ssl_vpn
|
FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and F…
|
CWE-255
CWE-310
Credentials Management
Cryptographic Issues
|
CVE-2013-4669
|
2024-11-21 10:56 |
2013-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288074
|
5.5 |
MEDIUM
Local
|
redhat
|
openshift
|
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file.
|
-
|
CVE-2013-4281
|
2024-11-21 10:55 |
2022-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288075
|
7.5 |
HIGH
Network
|
redhat
|
openshift
|
The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2013-4253
|
2024-11-21 10:55 |
2022-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288076
|
9.1 |
CRITICAL
Network
|
redhat
|
openshift
|
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2013-4561
|
2024-11-21 10:55 |
2022-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288077
|
6.1 |
MEDIUM
Network
|
emberjs
|
ember.js
|
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into su…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4170
|
2024-11-21 10:55 |
2022-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288078
|
7.8 |
HIGH
Local
|
qemu
|
qemu
|
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially r…
|
-
|
CVE-2013-4536
|
2024-11-21 10:55 |
2021-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288079
|
4.3 |
MEDIUM
Network
|
organic_groups_project
|
organic_groups
|
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authen…
|
CWE-863
Incorrect Authorization
|
CVE-2013-4228
|
2024-11-21 10:55 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288080
|
6.5 |
MEDIUM
Network
|
drupal
|
authenticated_user_page_caching
|
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combinatio…
|
CWE-862
Missing Authorization
|
CVE-2013-4226
|
2024-11-21 10:55 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
