|
294441
|
- |
|
open-emr
|
openemr
|
Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_ra…
|
CWE-89
SQL Injection
|
CVE-2013-4619
|
2024-11-21 10:55 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294442
|
- |
|
alkacon
|
opencms
|
Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4600
|
2024-11-21 10:55 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294443
|
- |
|
symantec
|
backup_exec
|
Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4575
|
2024-11-21 10:55 |
2013-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294444
|
- |
|
bitcoin
|
bitcoin_core
|
Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows remote attackers to cause a denial of service (memory consumption) via a large amount of tx message data.
|
NVD-CWE-noinfo
|
CVE-2013-4627
|
2024-11-21 10:55 |
2013-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294445
|
- |
|
bitcoin
|
bitcoin_core
|
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remo…
|
CWE-200
Information Exposure
|
CVE-2013-4165
|
2024-11-21 10:55 |
2013-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294446
|
- |
|
siemens
|
scalance_w700_series_firmware
scalance_w744-1
scalance_w744-1pro
scalance_w746-1
scalance_w746-1pro
scalance_w747-1
scalance_w747-1rr
scalance_w784-1
scalance_w784-1rr
scal…
|
Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary c…
|
NVD-CWE-noinfo
|
CVE-2013-4652
|
2024-11-21 10:55 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294447
|
- |
|
siemens
|
scalance_w700_series_firmware
scalance_w744-1
scalance_w744-1pro
scalance_w746-1
scalance_w746-1pro
scalance_w747-1
scalance_w747-1rr
scalance_w784-1
scalance_w784-1rr
scal…
|
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-…
|
CWE-255
Credentials Management
|
CVE-2013-4651
|
2024-11-21 10:55 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294448
|
- |
|
mongodb
|
mongodb
|
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4650
|
2024-11-21 10:55 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294449
|
- |
|
fortinet
|
fortios
|
Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4604
|
2024-11-21 10:55 |
2013-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294450
|
- |
|
php
|
php
|
The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash)…
|
CWE-20
Improper Input Validation
|
CVE-2013-4636
|
2024-11-21 10:55 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
