Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2014-5122
Disclosure Date: August 22, 2014 (last updated May 22, 2024)
Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, related to login.
0
Attacker Value
Unknown
CVE-2014-5121
Disclosure Date: August 22, 2014 (last updated May 22, 2024)
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
0
Attacker Value
Unknown
CVE-2013-5222
Disclosure Date: December 30, 2013 (last updated July 12, 2024)
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2013-7231
Disclosure Date: December 30, 2013 (last updated July 12, 2024)
Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222.
0
Attacker Value
Unknown
CVE-2013-5221
Disclosure Date: September 24, 2013 (last updated July 12, 2024)
The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 allows remote authenticated users to upload .exe files by leveraging (1) publisher or (2) administrator privileges.
0
Attacker Value
Unknown
CVE-2012-4949
Disclosure Date: November 14, 2012 (last updated July 12, 2024)
SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote authenticated users to execute arbitrary SQL commands via the where parameter to a query URI for a REST service.
0
