|
295821
|
- |
|
wpsymposiumpro
|
wp_symposium
|
Cross-site scripting (XSS) vulnerability in invite.php in the WP Symposium plugin before 13.04 for WordPress allows remote attackers to inject arbitrary web script or HTML via the u parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2695
|
2024-11-21 10:52 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295822
|
- |
|
wpsymposiumpro
|
wp_symposium
|
Open redirect vulnerability in invite.php in the WP Symposium plugin 13.04 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the…
|
CWE-20
Improper Input Validation
|
CVE-2013-2694
|
2024-11-21 10:52 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295823
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action t…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2643
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295824
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation va…
|
CWE-78
OS Command
|
CVE-2013-2642
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295825
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.
|
CWE-22
Path Traversal
|
CVE-2013-2641
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295826
|
- |
|
aspen
|
aspen
|
Directory traversal vulnerability in Aspen before 0.22 allows remote attackers to read arbitrary files via a .. (dot dot) to the default URI.
|
CWE-22
Path Traversal
|
CVE-2013-2619
|
2024-11-21 10:52 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295827
|
- |
|
brother
|
mfc-9970cdw_firmware
mfc-9970cdw
|
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware L (1.10) allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) val p…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2671
|
2024-11-21 10:52 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295828
|
- |
|
brother
|
mfc-9970cdw_firmware
mfc-9970cdw
|
Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW printer with firmware G (1.03) and L (1.10) allows remote attackers to inject arbitrary web script or HTML via an arbitrary paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2670
|
2024-11-21 10:52 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295829
|
- |
|
umi-cms
|
umi.cms
|
Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator ac…
|
CWE-352
Origin Validation Error
|
CVE-2013-2754
|
2024-11-21 10:52 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295830
|
- |
|
schneider-electric
|
powerlogic_scada
struxureware_scada_expert_vijeo_citect
struxureware_powerscada_expert
citectscada
|
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogi…
|
NVD-CWE-Other
|
CVE-2013-2824
|
2024-11-21 10:52 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
