|
287321
|
- |
|
novell
|
zenworks_configuration_management
|
Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified vic…
|
CWE-352
Origin Validation Error
|
CVE-2013-6346
|
2024-11-21 10:59 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287322
|
- |
|
novell
|
zenworks_configuration_management
|
Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."
|
NVD-CWE-noinfo
|
CVE-2013-6345
|
2024-11-21 10:59 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287323
|
- |
|
novell
|
zenworks_configuration_management
|
The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6344
|
2024-11-21 10:59 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287324
|
9.8 |
CRITICAL
Network
|
qnap
|
viocard-30_firmware
viocard-100_firmware
viocard-300_firmware
viogate-340a_firmware
viogate-340_firmware
|
QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authoriz…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2013-6276
|
2024-11-21 10:58 |
2021-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287325
|
9.8 |
CRITICAL
Network
|
prestashop
|
prestashop
|
PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module
|
CWE-269
Improper Privilege Management
|
CVE-2013-6295
|
2024-11-21 10:58 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287326
|
7.5 |
HIGH
Network
|
qnap
|
viocard_300_firmware
|
QNAP VioCard 300 has hardcoded RSA private keys.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2013-6277
|
2024-11-21 10:58 |
2020-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287327
|
6.1 |
MEDIUM
Network
|
tiki
|
tikiwiki_cms\/groupware
|
A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6022
|
2024-11-21 10:58 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287328
|
9.8 |
CRITICAL
Network
|
izoncam
|
izon_ip_firmware
|
IZON IP 2.0.2: hard-coded password vulnerability
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2013-6236
|
2024-11-21 10:58 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287329
|
6.1 |
MEDIUM
Network
|
semperplugins
|
all_in_one_seo_pack
|
A Cross-site Scripting (XSS) vulnerability exists in the All in One SEO Pack plugin before 2.0.3.1 for WordPress via the Search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5988
|
2024-11-21 10:58 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287330
|
9.8 |
CRITICAL
Network
|
dlink
|
dsr-150_firmware
dsr-150n_firmware
dsr-250_firmware
dsr-250n_firmware
dsr-500_firmware
dsr-500n_firmware
dsr-1000_firmware
dsr-1000n_firmware
|
Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N,…
|
CWE-89
SQL Injection
|
CVE-2013-5945
|
2024-11-21 10:58 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
