26 matches found
CVE-2025-13003
Authorization Bypass Through User-Controlled Key vulnerability in Aksis Computer Services and Consulting Inc. AxOnboard allows Exploitation of Trusted Identifiers. This issue affects AxOnboard: from 3.2.0 before 3.3.0...
CVE-2019-13003 vulnerabilities
Vulnerabilities for packages: gitlab-operator-fips...
CVE-2024-13003
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /update_ed.php. The manipulation of the argument e_id leads to sql injection. The attack may be launched remotely. The...
Linux Distros Unpatched Vulnerability : CVE-2017-13003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmpprint. CVE-2017-13003 Note that Nessus relies on the presence of the package as...
CVE-2024-13003
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /update_ed.php. The manipulation of the argument e_id leads to sql injection. The attack may be launched remotely. The...
CVE-2024-13003 1000 Projects Portfolio Management System MCA update_ed.php sql injection
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /update_ed.php. The manipulation of the argument e_id leads to sql injection. The attack may be launched remotely. The...
CVE-2024-13003 1000 Projects Portfolio Management System MCA update_ed.php sql injection
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /update_ed.php. The manipulation of the argument e_id leads to sql injection. The attack may be launched remotely. The...
CVE-2024-13003
The CVE-2024-13003 issue affects 1000 Projects Portfolio Management System MCA 1.0. It concerns an SQL injection in the file /update_ed.php via the e_id parameter, enabling remote exploitation. Multiple sources consistently identify the vulnerable component as the update_ed.php endpoint and descr...
CVE-2018-13003
creationtimestamp | type | source
---|---|---
2023-05-03 22:31:08+00:00 | seen | https://t.me/cibsecurity/63239...
Cross Site Scripting in OpenTSDB
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...
GHSA-9CHV-3W6C-JQ9W Cross Site Scripting in OpenTSDB
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...
CVE-2023-25827
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...
Cross site scripting
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...
CVE-2020-13003
CVE-2020-13003 entry is rejected/not used per initial description.
SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory. - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen. CVE-2017-12893 - Several protocol parsers in tcpdum...
CVE-2019-13003
CVE-2019-13003 affects GitLab Community and Enterprise Edition prior to 12.0.3. A parser used by GitLab CI is vulnerable to a resource-exhaustion attack, allowing uncontrolled resource consumption (network exposure, low attack complexity). The documented remediation is to upgrade to GitLab 12.0.3...
CVE-2017-13003
The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmpprint...
CVE-2018-13003
OpenTSDB 2.3.0 contains a reflected XSS in the /suggest endpoint where the parameter type is not properly sanitized, enabling injection of arbitrary JavaScript into the browser of a targeted user. The issue’s root cause is related to insufficient input validation of parameters reflected in respon...
Geutebrueck GCore GCoreServer.exe Buffer Overflow Exploit
This Metasploit module exploits a stack Buffer Overflow in the GCore server GCoreServer.exe. The vulnerable webserver is running on Port 13003 and Port 13004, does not require authentication and affects all versions from 2003 till July 2016 Version 1.4.YYYYY. This module requires Metasploit:...
Geutebrueck GCore GCoreServer.exe Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' require 'open-uri' class MetasploitModule 'Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE', 'Description' = %q This module exploits a stack...