|
291401
|
- |
|
matomo
|
matomo
|
Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1844
|
2024-11-21 10:50 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291402
|
- |
|
rubygems
|
command_wrap
|
command_wrap.rb in the command_wrap Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL or filename.
|
CWE-94
Code Injection
|
CVE-2013-1875
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291403
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1750
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291404
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
|
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."
|
CWE-20
Improper Input Validation
|
CVE-2013-1655
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291405
|
- |
|
puppetlabs
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to c…
|
NVD-CWE-noinfo
|
CVE-2013-1654
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291406
|
- |
|
puppet
puppetlabs
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to…
|
NVD-CWE-noinfo
|
CVE-2013-1653
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291407
|
- |
|
puppetlabs
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1652
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291408
|
- |
|
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2…
|
NVD-CWE-noinfo
|
CVE-2013-1640
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291409
|
- |
|
typo3
|
typo3
|
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to…
|
CWE-399
Resource Management Errors
|
CVE-2013-1843
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291410
|
- |
|
typo3
|
typo3
|
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2013-1842
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
