|
294531
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2013-4726
|
2024-11-21 10:56 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294532
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allows remote attackers to redirect users to arbitrary web sites …
|
CWE-20
Improper Input Validation
|
CVE-2013-4723
|
2024-11-21 10:56 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294533
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/default.asp in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allow remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4722
|
2024-11-21 10:56 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294534
|
- |
|
nullsoft
|
winamp
|
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4694
|
2024-11-21 10:56 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294535
|
- |
|
eucalyptus
|
eucalyptus
|
The web services APIs in Eucalyptus 2.0 through 3.4.1 allow remote attackers to cause a denial of service via vectors related to the "network connection clean up code" and (1) Cloud Controller (CLC),…
|
CWE-20
Improper Input Validation
|
CVE-2013-4768
|
2024-11-21 10:56 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294536
|
- |
|
reviewboard
|
review_board
|
Cross-site scripting (XSS) vulnerability in the Submitters list in Review Board 1.6.x before 1.6.18 and 1.7.x before 1.7.12 allows remote attackers to inject arbitrary web script or HTML via a user f…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4795
|
2024-11-21 10:56 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294537
|
- |
|
puppet
|
puppet_enterprise
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet Enterprise (PE) before 3.0.1 allow remote attackers to hijack the authentication of users for requests that deleting a (1) report,…
|
CWE-352
Origin Validation Error
|
CVE-2013-4963
|
2024-11-21 10:56 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294538
|
- |
|
hp
|
system_management_homepage
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-4846
|
2024-11-21 10:56 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294539
|
- |
|
puppet
|
puppet_enterprise
|
Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4971
|
2024-11-21 10:56 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294540
|
- |
|
puppet
|
puppet_enterprise
|
The master external node classification script in Puppet Enterprise before 3.2.0 does not verify the identity of consoles, which allows remote attackers to create arbitrary classifications on the mas…
|
CWE-287
Improper Authentication
|
CVE-2013-4966
|
2024-11-21 10:56 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
