| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-6342 | 7.5 |
Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) agent parameters in (a) search_listing.asp, and the (3) property_id parameter in
|
17-10-2018 - 21:47 | 07-12-2006 - 01:28 | |
| CVE-2017-13982 | 9.0 |
A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files.
|
11-10-2017 - 01:32 | 30-09-2017 - 01:29 | |
| CVE-2004-2656 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) before R_2_5_0_41 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in search.pl and
|
20-07-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2005-3595 | 10.0 |
By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer.
|
11-07-2017 - 01:33 | 16-11-2005 - 07:42 | |
| CVE-2004-1411 | 2.6 |
Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1407 | 5.0 |
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1408 | 7.5 |
The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1302 | 10.0 |
The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary commands via an MP3 file with double quotes in the Artist tag.
|
11-07-2017 - 01:30 | 10-01-2005 - 05:00 | |
| CVE-2016-0476 | 5.0 |
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a
|
07-12-2016 - 18:31 | 21-01-2016 - 03:00 | |
| CVE-2004-1410 | 4.3 |
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-
|
18-10-2016 - 02:54 | 31-12-2004 - 05:00 | |
| CVE-2004-1409 | 5.0 |
Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML.
|
18-10-2016 - 02:54 | 31-12-2004 - 05:00 | |
| CVE-2001-0329 | 7.5 |
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.
|
10-09-2008 - 19:07 | 27-06-2001 - 04:00 | |
| CVE-2000-0421 | 7.5 |
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters.
|
10-09-2008 - 19:04 | 11-05-2000 - 04:00 |