|
290221
|
- |
|
phpfox
|
phpfox
|
static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[it…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7196
|
2024-11-21 11:00 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290222
|
- |
|
phpfox
|
phpfox
|
PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7195
|
2024-11-21 11:00 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290223
|
- |
|
f-secure
|
email_and_server_security
anti-virus
server_security
|
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Ant…
|
CWE-89
SQL Injection
|
CVE-2013-7369
|
2024-11-21 11:00 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290224
|
- |
|
raoul_proenca
|
gnew
|
Multiple cross-site scripting (XSS) vulnerabilities in Gnew 2013.1 allow remote attackers to inject arbitrary web script or HTML via the gnew_template parameter to (1) users/profile.php, (2) articles…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7368
|
2024-11-21 11:00 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290225
|
- |
|
sap
|
enterprise_portal
|
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7367
|
2024-11-21 11:00 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290226
|
- |
|
sap
|
software_deployment_manager
|
The SAP Software Deployment Manager (SDM), in certain unspecified conditions, allows remote attackers to cause a denial of service via vectors related to failed authentications.
|
CWE-287
Improper Authentication
|
CVE-2013-7366
|
2024-11-21 11:00 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290227
|
- |
|
sap
|
enterprise_portal
|
Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7365
|
2024-11-21 11:00 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290228
|
- |
|
sap
|
netweaver
|
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7364
|
2024-11-21 11:00 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290229
|
- |
|
sap
|
solution_manager
|
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remo…
|
NVD-CWE-noinfo
|
CVE-2013-7363
|
2024-11-21 11:00 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290230
|
- |
|
sap
|
ccms_agent
|
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors.
|
CWE-94
Code Injection
|
CVE-2013-7362
|
2024-11-21 11:00 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
