|
291671
|
- |
|
wysija_newsletters_project
|
wysija_newsletters
|
Multiple SQL injection vulnerabilities in the Wysija Newsletters plugin before 2.2.1 for WordPress allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search or (2…
|
CWE-89
SQL Injection
|
CVE-2013-1408
|
2024-11-21 10:49 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291672
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE) bef…
|
CWE-352
Origin Validation Error
|
CVE-2013-1399
|
2024-11-21 10:49 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291673
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access to a catalog of private SSL keys, which allows remote authenticated users to obtain sensitive inform…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1398
|
2024-11-21 10:49 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291674
|
- |
|
commentluv
|
commentluv
|
Cross-site scripting (XSS) vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1409
|
2024-11-21 10:49 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291675
|
- |
|
i-doit
|
i-doit
|
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1413
|
2024-11-21 10:49 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291676
|
- |
|
geeklog
|
geeklog
|
Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1470
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291677
|
- |
|
glfusion
|
glfusion
|
Multiple cross-site scripting (XSS) vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the (1) subject parameter to profiles.php; (2) addre…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1466
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291678
|
- |
|
adobe
|
acrobat_reader
acrobat
|
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1376
|
2024-11-21 10:49 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291679
|
- |
|
lenovo
|
thinkpad_bluetooth_with_enhanced_data_rate_software
|
Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code a…
|
NVD-CWE-Other
|
CVE-2013-1361
|
2024-11-21 10:49 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291680
|
- |
|
dave_coffin
|
dcraw
|
Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo fil…
|
NVD-CWE-noinfo
|
CVE-2013-1438
|
2024-11-21 10:49 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
