|
293031
|
- |
|
opera
|
opera_browser
|
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4705
|
2024-11-21 10:56 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293032
|
- |
|
sophos
|
web_appliance
|
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second…
|
CWE-264
CWE-78
Permissions, Privileges, and Access Controls
OS Command
|
CVE-2013-4984
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293033
|
- |
|
sophos
|
web_appliance_firmware
|
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the…
|
CWE-78
OS Command
|
CVE-2013-4983
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293034
|
- |
|
cybozu
|
office
|
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4703
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293035
|
- |
|
twilightcms
|
twilight_cms
|
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a…
|
CWE-22
Path Traversal
|
CVE-2013-4900
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293036
|
- |
|
twilightcms
|
twilight_cms
|
Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4899
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293037
|
- |
|
htmlcleaner_project
open-xchange
|
htmlcleaner
open-xchange_appsuite
|
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other person…
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2024-11-21 10:56 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293038
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, w…
|
CWE-255
Credentials Management
|
CVE-2013-4790
|
2024-11-21 10:56 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293039
|
- |
|
lockon
|
ec-cube
|
Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbit…
|
CWE-22
Path Traversal
|
CVE-2013-4702
|
2024-11-21 10:56 |
2013-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293040
|
- |
|
strongswan
opensuse
|
strongswan
opensuse
|
The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5018
|
2024-11-21 10:56 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
