Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-14354 | 4.3 |
A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting.
|
11-11-2017 - 02:29 | 05-10-2017 - 15:29 | |
CVE-2006-6117 | 7.5 |
SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the which parameter.
|
19-10-2017 - 01:29 | 26-11-2006 - 22:07 | |
CVE-2011-5019 | 4.3 |
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter.
|
29-08-2017 - 01:30 | 05-01-2012 - 16:55 | |
CVE-2008-6460 | 7.5 |
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
CVE-2005-0443 | 4.3 |
index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
CVE-2005-0445 | 4.3 |
Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
CVE-2005-0159 | 4.6 |
The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
|
11-07-2017 - 01:32 | 27-04-2005 - 04:00 | |
CVE-2005-0442 | 5.0 |
Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
CVE-2004-1556 | 5.0 |
MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
CVE-2004-1557 | 6.4 |
MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a direct HTTP request to (1) /admin or (2) ServerProperties.html.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
CVE-2005-0429 | 5.0 |
Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to execute inject arbitrary PHP commands via the comma parameter.
|
18-10-2016 - 03:11 | 02-05-2005 - 04:00 | |
CVE-2000-0447 | 7.5 |
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service.
|
10-09-2008 - 19:04 | 01-05-2000 - 04:00 | |
CVE-2005-0070 | 7.2 |
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
|
05-09-2008 - 20:45 | 02-05-2005 - 04:00 |