|
288141
|
- |
|
opsview
|
opsview
|
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-7256
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288142
|
- |
|
opsview
|
opsview
|
Open redirect vulnerability in Opsview before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-7255
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288143
|
- |
|
opsview
|
opsview
|
Cross-site scripting (XSS) vulnerability in Opsview before 4.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7254
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288144
|
- |
|
westerndeal
wordpress
|
advanced_dewplayer
wordpress
|
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
|
CWE-22
Path Traversal
|
CVE-2013-7240
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288145
|
- |
|
ad-minister_project
|
ad-minister
|
Cross-site scripting (XSS) vulnerability in the Ad-minister plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the key parameter in a delete actio…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6993
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288146
|
- |
|
askapache
|
firefox_adsense
|
Cross-site request forgery (CSRF) vulnerability in askapache-firefox-adsense.php in the AskApache Firefox Adsense plugin 3.0 and earlier for WordPress allows remote attackers to hijack the authentica…
|
CWE-352
Origin Validation Error
|
CVE-2013-6992
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288147
|
- |
|
wokamoto
|
wp-cron_dashboard
|
Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to w…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6991
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288148
|
- |
|
projectforge
|
projectforge
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ProjectForge before 5.3 allow remote attackers to hijack the authentication of arbitrary users via vectors related to (1) web/admin/, (2)…
|
CWE-352
Origin Validation Error
|
CVE-2013-7251
|
2024-11-21 11:00 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288149
|
- |
|
projectforge
|
projectforge
|
Cross-site scripting (XSS) vulnerability in the JsonBuilder implementation in ProjectForge before 5.3 allows remote authenticated users to inject arbitrary web script or HTML via an autocompletion st…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7250
|
2024-11-21 11:00 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288150
|
- |
|
fatfreecrm
|
fat_free_crm
|
Fat Free CRM before 0.12.1 does not restrict XML serialization, which allows remote attackers to obtain sensitive information via a direct request, as demonstrated by a request for users/1.xml, a dif…
|
CWE-200
Information Exposure
|
CVE-2013-7249
|
2024-11-21 11:00 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
