|
294791
|
7.5 |
HIGH
Network
|
oracle
intel
|
fujitsu_m10_firmware
intelligent_platform_management_interface
|
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing atta…
|
CWE-255
Credentials Management
|
CVE-2013-4786
|
2024-11-21 10:56 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294792
|
- |
|
dell
|
idrac6_firmware
|
The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified f…
|
NVD-CWE-noinfo
|
CVE-2013-4785
|
2024-11-21 10:56 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294793
|
- |
|
hp
|
integrated_lights-out_bmc
|
The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary p…
|
CWE-287
Improper Authentication
|
CVE-2013-4784
|
2024-11-21 10:56 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294794
|
- |
|
dell
|
idrac6_bmc
|
The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI command…
|
CWE-287
Improper Authentication
|
CVE-2013-4783
|
2024-11-21 10:56 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294795
|
- |
|
supermicro
|
bmc
|
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
|
CWE-287
Improper Authentication
|
CVE-2013-4782
|
2024-11-21 10:56 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294796
|
- |
|
phpmyadmin
|
phpmyadmin
|
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal ar…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4729
|
2024-11-21 10:56 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294797
|
- |
|
usertask_center_messaging_project
|
usertask_center_messaging
|
Cross-site scripting (XSS) vulnerability in the UserTask Center, Messaging (sys_messages) extension 1.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4749
|
2024-11-21 10:56 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294798
|
- |
|
georg_ringer
|
news
|
SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-4748
|
2024-11-21 10:56 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294799
|
- |
|
kasper_skarhoj
|
accessible_is_browse_results
|
Cross-site scripting (XSS) vulnerability in the Accessible browse results for indexed search (accessible_is_browse_results) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4747
|
2024-11-21 10:56 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294800
|
- |
|
kurt_gusbeth
|
myquizpoll
|
Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4746
|
2024-11-21 10:56 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
