|
295981
|
- |
|
ibm
|
tivoli_application_dependency_discovery_manager
|
Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitra…
|
CWE-22
Path Traversal
|
CVE-2013-3004
|
2024-11-21 10:52 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295982
|
- |
|
jojocms
|
jojo-cms
|
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgo…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3082
|
2024-11-21 10:52 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295983
|
- |
|
jojocms
|
jojo-cms
|
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-F…
|
CWE-89
SQL Injection
|
CVE-2013-3081
|
2024-11-21 10:52 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295984
|
- |
|
myheritage
|
sequeryobject_activex_control
|
Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokens…
|
NVD-CWE-Other
|
CVE-2013-2602
|
2024-11-21 10:52 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295985
|
- |
|
network-weathermap
|
.network_weathermap
|
Cross-site scripting (XSS) vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the map_title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2618
|
2024-11-21 10:52 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295986
|
- |
|
ajaydsouza
|
contextual_related_posts
|
Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2013-2710
|
2024-11-21 10:52 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295987
|
- |
|
kieranoshea
|
calendar
|
Cross-site request forgery (CSRF) vulnerability in the Calendar plugin before 1.3.3 for WordPress allows remote attackers to hijack the authentication of users for requests that add a calendar entry …
|
CWE-352
Origin Validation Error
|
CVE-2013-2698
|
2024-11-21 10:52 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295988
|
- |
|
ibm
|
smartcloud_control_desk
maximo_asset_management
|
frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2013-2998
|
2024-11-21 10:52 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295989
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not send the HSTS Strict-Transport-Security header, which makes it easier for man-in-the-middle attackers to hijack…
|
CWE-287
Improper Authentication
|
CVE-2013-3046
|
2024-11-21 10:52 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295990
|
- |
|
apache
citrix
|
cloudstack
cloudplatform
|
Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2758
|
2024-11-21 10:52 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
