|
287201
|
9.8 |
CRITICAL
Network
|
ep_imageconvert_project
|
ep_imageconvert
|
The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability
|
CWE-74
Injection
|
CVE-2013-7380
|
2024-11-21 11:00 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287202
|
6.1 |
MEDIUM
Network
|
shaarli_project
|
shaarli
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDail…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7351
|
2024-11-21 11:00 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287203
|
6.1 |
MEDIUM
Network
|
plone
|
plone
|
Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7062
|
2024-11-21 11:00 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287204
|
6.1 |
MEDIUM
Network
|
fibranet
|
monitorix
|
Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7071
|
2024-11-21 11:00 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287205
|
9.8 |
CRITICAL
Network
|
fibranet
|
monitorix
|
The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.
|
CWE-74
Injection
|
CVE-2013-7070
|
2024-11-21 11:00 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287206
|
6.1 |
MEDIUM
Network
|
sencha
debian
|
connect
debian_linux
|
node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
|
CWE-79
Cross-site Scripting
|
CVE-2013-7371
|
2024-11-21 11:00 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287207
|
6.1 |
MEDIUM
Network
|
redhat
sencha
opensuse
debian
|
openshift
connect
opensuse
debian_linux
|
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware
|
CWE-79
Cross-site Scripting
|
CVE-2013-7370
|
2024-11-21 11:00 |
2019-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287208
|
8.8 |
HIGH
Network
|
debian
|
devscripts
debian_linux
|
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
|
NVD-CWE-noinfo
|
CVE-2013-7325
|
2024-11-21 11:00 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287209
|
7.8 |
HIGH
Local
|
slackware
|
slackware_linux
|
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to…
|
CWE-20
Improper Input Validation
|
CVE-2013-7172
|
2024-11-21 11:00 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287210
|
9.8 |
CRITICAL
Network
|
slackware
|
slackware_linux
|
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root …
|
CWE-20
Improper Input Validation
|
CVE-2013-7171
|
2024-11-21 11:00 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
