|
288581
|
- |
|
network-weathermap
|
.network_weathermap
|
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the mapname parameter in a show_config ac…
|
CWE-22
Path Traversal
|
CVE-2013-3739
|
2024-11-21 10:54 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288582
|
- |
|
david_bagley
|
xlockmore
|
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemen…
|
NVD-CWE-Other
|
CVE-2013-4143
|
2024-11-21 10:54 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288583
|
- |
|
ibm
|
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
tivoli_it_asset_management_for_it
tivoli_asset_management_for_it
smartcloud_control_desk…
|
SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027…
|
CWE-89
SQL Injection
|
CVE-2013-4016
|
2024-11-21 10:54 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288584
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers t…
|
CWE-200
Information Exposure
|
CVE-2013-3984
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288585
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page.
|
CWE-200
Information Exposure
|
CVE-2013-3982
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288586
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to download avatar photos of arbitrary users via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3981
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288587
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to cause a denial of service (room unusability) by generating a large number of fictitious users…
|
CWE-20
Improper Input Validation
|
CVE-2013-3980
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288588
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to determine which meeting rooms are owned by a user by leveraging knowledge of valid user names.
|
CWE-287
Improper Authentication
|
CVE-2013-3977
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288589
|
- |
|
ibm
|
sametime
|
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a sear…
|
NVD-CWE-noinfo
|
CVE-2013-3975
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288590
|
- |
|
bestpractical
|
rt-extension-mobileui
request_tracker
|
Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13 allows remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3736
|
2024-11-21 10:54 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
