CVE-2013-3591

Public exploit
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
95.14%
Published
2020-02-07
Updated
2020-02-11

CVE-2013-3617

Public exploit
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue.
Max CVSS
3.5
EPSS Score
34.53%
Published
2013-11-02
Updated
2013-11-21

CVE-2013-3628

Public exploit
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
Max CVSS
8.8
EPSS Score
95.24%
Published
2020-02-07
Updated
2020-02-10

CVE-2013-3629

Public exploit
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution
Max CVSS
8.8
EPSS Score
90.10%
Published
2020-02-07
Updated
2020-02-10

CVE-2013-3630

Public exploit
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Max CVSS
4.6
EPSS Score
2.82%
Published
2013-11-01
Updated
2021-10-12

CVE-2013-3631

Public exploit
NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.php, aka the "Advanced | Execute Command" feature. NOTE: this issue might not be a vulnerability, since it appears to be part of legitimate, intentionally-exposed functionality by the developer and is allowed within the intended security policy.
Max CVSS
6.0
EPSS Score
54.67%
Published
2013-11-02
Updated
2013-11-05

CVE-2013-3632

Public exploit
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
Max CVSS
9.0
EPSS Score
82.79%
Published
2014-09-29
Updated
2014-09-30
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!