|
290041
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2013-3064
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290042
|
- |
|
apachefriends
|
xampp
|
XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which allows remote attackers to modify xampp/lang.tmp and execute cross-site scripting (XSS) attacks via the WriteIntoLocalDisk metho…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2586
|
2024-11-21 10:52 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290043
|
- |
|
codeaurora
|
android-msm
|
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.…
|
NVD-CWE-Other
|
CVE-2013-2599
|
2024-11-21 10:52 |
2014-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290044
|
- |
|
codeaurora
|
android-msm
|
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite s…
|
CWE-20
Improper Input Validation
|
CVE-2013-2598
|
2024-11-21 10:52 |
2014-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290045
|
- |
|
codeaurora
|
android-msm
|
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other produ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2595
|
2024-11-21 10:52 |
2014-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290046
|
- |
|
ibm
|
tivoli_application_dependency_discovery_manager
|
Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitra…
|
CWE-22
Path Traversal
|
CVE-2013-3004
|
2024-11-21 10:52 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290047
|
- |
|
jojocms
|
jojo-cms
|
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgo…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3082
|
2024-11-21 10:52 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290048
|
- |
|
jojocms
|
jojo-cms
|
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-F…
|
CWE-89
SQL Injection
|
CVE-2013-3081
|
2024-11-21 10:52 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290049
|
- |
|
myheritage
|
sequeryobject_activex_control
|
Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokens…
|
NVD-CWE-Other
|
CVE-2013-2602
|
2024-11-21 10:52 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290050
|
- |
|
network-weathermap
|
.network_weathermap
|
Cross-site scripting (XSS) vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the map_title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2618
|
2024-11-21 10:52 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
