|
293621
|
- |
|
ibm
|
sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution
|
Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0506
|
2024-11-21 10:47 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293622
|
- |
|
ibm
|
sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution
|
IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and re…
|
CWE-200
CWE-20
Information Exposure
Improper Input Validation
|
CVE-2013-0505
|
2024-11-21 10:47 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293623
|
- |
|
jenkins
|
jenkins
|
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.
|
CWE-20
Improper Input Validation
|
CVE-2013-0331
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293624
|
- |
|
jenkins
|
jenkins
|
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0330
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293625
|
- |
|
jenkins
|
jenkins
|
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0329
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293626
|
- |
|
jenkins
|
jenkins
|
Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-0328
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293627
|
- |
|
jenkins
|
jenkins
|
Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-0327
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293628
|
- |
|
debian
|
latd
|
Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through 1.30 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0251
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293629
|
- |
|
mathijs_koenraadt
|
search_api_sorts
|
Cross-site scripting (XSS) vulnerability in the Search API Sorts module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain roles to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0227
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293630
|
- |
|
zugec_ivan
|
keyboard_shortcut_utility
|
The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the "view shortcuts" permission to r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0226
|
2024-11-21 10:47 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
