|
290331
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7288
|
2024-11-21 11:00 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290332
|
- |
|
nisuta
|
ns-wir150ne_firmware
ns-wir150ne
ns-wir300n_firmware
ns-wir300n
|
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Co…
|
CWE-287
Improper Authentication
|
CVE-2013-7282
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290333
|
- |
|
cisco
|
secure_access_control_system
|
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6974
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290334
|
- |
|
cynthia_fridsma
|
horizon_quick_content_management_system
|
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2013-7139
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290335
|
- |
|
horizon_quick_content_management_system_project
|
horizon_quick_content_management_system
|
Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2013-7138
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290336
|
- |
|
libreswan
|
libreswan
|
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd…
|
CWE-362
Race Condition
|
CVE-2013-7283
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290337
|
- |
|
qnap
|
qts
|
Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter.
|
CWE-22
Path Traversal
|
CVE-2013-7174
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290338
|
- |
|
synology
|
diskstation_manager
|
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6955
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290339
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange (OX) AppSuite 7.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an HTML email with crafted CS…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6997
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290340
|
- |
|
cisco
|
nx-os
|
The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote…
|
CWE-20
Improper Input Validation
|
CVE-2013-6982
|
2024-11-21 11:00 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
