|
295561
|
- |
|
ibm
|
lotus_sametime
|
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak sett…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3985
|
2024-11-21 10:54 |
2013-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295562
|
- |
|
ibm
|
lotus_sametime
|
IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3986
|
2024-11-21 10:54 |
2013-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295563
|
- |
|
ibm
|
lotus_domino
|
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4055
|
2024-11-21 10:54 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295564
|
- |
|
ibm
|
lotus_domino
|
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4051
|
2024-11-21 10:54 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295565
|
- |
|
ibm
|
lotus_domino
|
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified vic…
|
CWE-352
Origin Validation Error
|
CVE-2013-4050
|
2024-11-21 10:54 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295566
|
- |
|
attachmate
|
verastream_host_integrator
|
Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a cr…
|
CWE-22
Path Traversal
|
CVE-2013-3626
|
2024-11-21 10:54 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295567
|
- |
|
openafs
debian
|
openafs
debian_linux
|
The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive informa…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4135
|
2024-11-21 10:54 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295568
|
- |
|
openafs
debian
|
openafs
debian_linux
|
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4134
|
2024-11-21 10:54 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295569
|
- |
|
nas4free
|
nas4free
|
NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.php, aka the "Advanced | Execute Command" feature. NOTE: this issue might not b…
|
CWE-94
Code Injection
|
CVE-2013-3631
|
2024-11-21 10:54 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295570
|
- |
|
moodle
|
moodle
|
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
|
CWE-94
Code Injection
|
CVE-2013-3630
|
2024-11-21 10:54 |
2013-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
