Max CVSS 7.6 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2004-1423 7.5
Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote attackers to execute arbitrary PHP code via a URL in the
19-10-2018 - 15:30 31-12-2004 - 05:00
CVE-2006-5517 7.5
Multiple PHP remote file inclusion vulnerabilities in Rhode Island Open Meetings Filing Application (OMFA) allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) editmeetings/session.php, (2) email/session
17-10-2018 - 21:43 26-10-2006 - 16:07
CVE-2006-5478 7.5
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overf
17-10-2018 - 21:43 24-10-2006 - 20:07
CVE-2006-5474 7.5
The "forgot password" function in OneOrZero Helpdesk before 1.6.5.4 generates insecure passwords by concatenating the current timestamp with the username, which allows remote attackers to gain access as an arbitrary user by requesting a password rese
17-10-2018 - 21:43 24-10-2006 - 20:07
CVE-2006-7150 7.5
Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php.
16-10-2018 - 16:29 07-03-2007 - 20:19
CVE-2006-7149 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x allow remote attackers to inject arbitrary web script or HTML via (1) the query string to (a) index.php, which reflects the string in an error message from mod_login.php; and the (2)
16-10-2018 - 16:29 07-03-2007 - 20:19
CVE-2001-0047 7.5
The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnera
12-10-2018 - 21:30 16-02-2001 - 05:00
CVE-2017-11888 7.6
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Mem
29-12-2017 - 14:39 12-12-2017 - 21:29
CVE-2006-5518 7.5
Multiple PHP remote file inclusion vulnerabilities in Christopher Fowler (Rhode Island) RSSonate allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) xml2rss.php, (2) config_local.php, (3) rssonate.php,
19-10-2017 - 01:29 26-10-2006 - 16:07
CVE-2006-5522 7.5
Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt Kawf 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config parameter in (1) main.php or (2) user/account/main.php.
19-10-2017 - 01:29 26-10-2006 - 16:07
CVE-2006-5514 7.5
SQL injection vulnerability in quiz.php in Web Group Communication Center (WGCC) 0.5.6b and earlier allows remote attackers to execute arbitrary SQL commands via the qzid parameter.
19-10-2017 - 01:29 26-10-2006 - 16:07
CVE-2006-5480 5.1
PHP remote file inclusion vulnerability in lib/rs.php in 2le.net Castor PHP Web Builder 1.1.1 allows remote attackers to execute arbitrary PHP code via the rootpath parameter. Successful exploitation requires that "register_globals" is enabled and th
19-10-2017 - 01:29 24-10-2006 - 20:07
CVE-2007-0337 7.5
Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter
19-10-2017 - 01:29 18-01-2007 - 02:28
CVE-2008-6684 6.8
Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a
29-09-2017 - 01:33 10-04-2009 - 22:00
CVE-2008-6683 4.3
Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter.
29-09-2017 - 01:33 10-04-2009 - 22:00
CVE-2016-6144 4.3
The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," which makes it easier for remote attackers to bypas
28-11-2016 - 20:30 05-08-2016 - 14:59
CVE-2013-3467 4.6
Memory leak in the CLI component on Cisco Unified Computing System (UCS) 6100 Fabric Interconnect devices, in certain situations that lack a SPAN session, allows local users to cause a denial of service (memory consumption and device reset) via a (1)
07-11-2016 - 15:02 30-08-2013 - 01:55
Back to Top Mark selected
Back to Top