Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-4868 |
Karotz API 12.07.19.00: Session Token Information Disclosure Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2013-4867 |
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 6.3 MEDIUM V2.0: 6.2 MEDIUM |
CVE-2013-4859 |
INSTEON Hub 2242-222 lacks Web and API authentication Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 9.3 HIGH |
CVE-2013-4796 |
ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2013-4764 |
Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission. Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 2.1 LOW |
CVE-2013-4763 |
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
CVE-2013-4743 |
Static HTTP Server 1.0 has a Local Overflow Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-4692 |
Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4621 |
Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities Published: December 27, 2019; 12:15:15 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-16896 |
In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. Published: December 27, 2019; 11:15:11 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 2.1 LOW |
CVE-2013-4695 |
Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution Published: December 27, 2019; 11:15:11 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2013-4693 |
WordPress Xorbin Digital Flash Clock 1.0 has XSS Published: December 27, 2019; 11:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4691 |
Sencha Labs Connect has XSS with connect.methodOverride() Published: December 27, 2019; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4665 |
SPBAS Business Automation Software 2012 has CSRF. Published: December 27, 2019; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4664 |
SPBAS Business Automation Software 2012 has XSS. Published: December 27, 2019; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-1000029 |
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). Published: December 27, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2016-1000028 |
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). Published: December 27, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2019-19781 |
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. Published: December 27, 2019; 9:15:12 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-4559 |
Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter. Published: December 27, 2019; 9:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-4525 |
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter. Published: December 27, 2019; 9:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |