|
291001
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0, when OAuth is used, allows remote authenticated use…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0597
|
2024-11-21 10:47 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291002
|
- |
|
ibm
|
global_console_manager_16_firmware
global_console_manager_32_firmware
|
ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary comma…
|
CWE-20
Improper Input Validation
|
CVE-2013-0526
|
2024-11-21 10:47 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291003
|
- |
|
ibm
|
websphere_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0587
|
2024-11-21 10:47 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291004
|
- |
|
ibm
|
infosphere_information_server
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allow remote authenticated users to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0585
|
2024-11-21 10:47 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291005
|
- |
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted HTTP (1) Range or (2) Request-Range header.
|
CWE-399
Resource Management Errors
|
CVE-2013-0494
|
2024-11-21 10:47 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291006
|
- |
|
ibm
|
informix_open_admin_tool
|
Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x before 3.11.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0492
|
2024-11-21 10:47 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291007
|
- |
|
ibm
|
api_management
|
Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 allows remote attackers to access tenant APIs, and consequently obtain sensitive information or modify data, via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0559
|
2024-11-21 10:47 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291008
|
- |
|
sun
|
sunos
|
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).
|
NVD-CWE-noinfo
|
CVE-2013-0398
|
2024-11-21 10:47 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291009
|
- |
|
drupal
|
drupal
|
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of othe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0246
|
2024-11-21 10:47 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291010
|
- |
|
drupal
|
drupal
|
The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows rem…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0245
|
2024-11-21 10:47 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
