|
287341
|
7.8 |
HIGH
Local
|
apt-listbugs_project
debian
|
apt-listbugs
debian_linux
|
apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-6049
|
2024-11-21 10:58 |
2017-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287342
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The Birthday widget in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev25 and 7.4.x before 7.4.0-rev14, in certain user-id sharing scenarios, does not properly construct a SQL stateme…
|
CWE-200
Information Exposure
|
CVE-2013-6241
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287343
|
- |
|
pydio
ajaxplorer
|
pydio
ajaxplorer
|
Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by u…
|
NVD-CWE-Other
|
CVE-2013-6227
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287344
|
- |
|
softaculous
|
webuzo
|
The login function in Softaculous Webuzo before 2.1.4 provides different error messages for invalid authentication attempts depending on whether the user account exists, which allows remote attackers…
|
CWE-200
Information Exposure
|
CVE-2013-6043
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287345
|
- |
|
softaculous
|
webuzo
|
index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in a SOFTCookies sid cookie within a login action.
|
CWE-78
OS Command
|
CVE-2013-6041
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287346
|
- |
|
sensiolabs
|
symfony
|
The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a lon…
|
CWE-399
Resource Management Errors
|
CVE-2013-5958
|
2024-11-21 10:58 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287347
|
- |
|
codeaurora
|
android-msm
|
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed…
|
CWE-59
Link Following
|
CVE-2013-6124
|
2024-11-21 10:58 |
2014-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287348
|
- |
|
hp
|
service_manager
|
Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6222
|
2024-11-21 10:58 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287349
|
- |
|
ibm
|
power_760_firmware
power_770
power_780
power_795
power_ese
power_740_firmware
power_710
power_720
power_730
power_740
power_770_firmware
power_750
power_760
pow…
|
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges …
|
NVD-CWE-noinfo
|
CVE-2013-6306
|
2024-11-21 10:58 |
2014-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287350
|
- |
|
yealink
|
sip-t38g
|
cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running …
|
CWE-78
OS Command
|
CVE-2013-5758
|
2024-11-21 10:58 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
