| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-4378 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1)
|
17-05-2024 - 00:30 | 26-08-2006 - 21:04 | |
| CVE-2000-1178 | 2.1 |
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.
|
26-01-2024 - 16:59 | 09-01-2001 - 05:00 | |
| CVE-2015-3361 | 2.1 |
Cross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
07-02-2019 - 16:31 | 21-04-2015 - 16:59 | |
| CVE-2006-4348 | 7.5 |
PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
17-10-2018 - 21:36 | 24-08-2006 - 21:04 | |
| CVE-2006-4282 | 7.5 |
PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
|
17-10-2018 - 21:34 | 22-08-2006 - 17:04 | |
| CVE-2006-4311 | 7.5 |
PHP remote file inclusion vulnerability in Sonium Enterprise Adressbook 0.2 allows remote attackers to execute arbitrary PHP code via the folder parameter in multiple files in the plugins directory, as demonstrated by plugins/1_Adressbuch/delete.php.
|
17-10-2018 - 21:34 | 23-08-2006 - 19:04 | |
| CVE-2006-4263 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path par
|
17-10-2018 - 21:34 | 21-08-2006 - 21:04 | |
| CVE-2017-8202 | 7.1 |
The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier
|
12-12-2017 - 18:07 | 22-11-2017 - 19:29 | |
| CVE-2015-7975 | 2.1 |
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
|
21-11-2017 - 02:29 | 30-01-2017 - 21:59 | |
| CVE-2008-5066 | 10.0 |
PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
|
29-09-2017 - 01:32 | 13-11-2008 - 17:24 | |
| CVE-2016-3526 | 7.8 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3529 and CVE-2016-
|
01-09-2017 - 01:29 | 21-07-2016 - 10:13 | |
| CVE-2007-0159 | 6.4 |
Directory traversal vulnerability in the GeoIP_update_database_general function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers (possibly only update.maxmind.com) to overwrite arbitrary files via a .. (dot dot) in the
|
29-07-2017 - 01:30 | 10-01-2007 - 00:28 |