|
294831
|
- |
|
bigtreecms
|
bigtree_cms
|
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for re…
|
CWE-352
Origin Validation Error
|
CVE-2013-4881
|
2024-11-21 10:56 |
2013-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294832
|
- |
|
hp
|
service_manager
service_center
|
Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-4808
|
2024-11-21 10:56 |
2013-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294833
|
- |
|
cybozu
|
mailwise
|
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines with…
|
CWE-200
Information Exposure
|
CVE-2013-4698
|
2024-11-21 10:56 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294834
|
- |
|
bigtreecms
|
bigtree_cms
|
Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4880
|
2024-11-21 10:56 |
2013-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294835
|
- |
|
bigtreecms
|
bigtree_cms
|
SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php.
|
CWE-89
SQL Injection
|
CVE-2013-4879
|
2024-11-21 10:56 |
2013-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294836
|
- |
|
hp
|
3com_router
5500g-24_ei_10\/100\/1000_no_power_supply_unit_switch
5500-48g_si_switch
5500-48g_ei_switch
h3c_ethernet_switch
5500-24g_si_switch
5500g-24_ei_sfp_no_power_supply_unit_s…
|
The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possi…
|
NVD-CWE-noinfo
|
CVE-2013-4806
|
2024-11-21 10:56 |
2013-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294837
|
- |
|
cotonti
|
cotonti_siena
|
SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2013-4789
|
2024-11-21 10:56 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294838
|
- |
|
magnolia-cms
|
magnolia_form_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x before 1.4.7 and 2.x before 2.0.2 for Magnolia CMS allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4759
|
2024-11-21 10:56 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294839
|
- |
|
netwin
|
surgeftp
|
Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4742
|
2024-11-21 10:56 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294840
|
- |
|
siemens
|
comos
|
The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrict…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4943
|
2024-11-21 10:56 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
