| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-0803 | 5.8 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Mi
|
24-08-2020 - 17:37 | 04-01-2018 - 14:29 | |
| CVE-2012-0325 | 4.3 |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified
|
30-10-2018 - 16:27 | 09-03-2012 - 11:55 | |
| CVE-2012-0324 | 4.3 |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified
|
30-10-2018 - 16:27 | 09-03-2012 - 11:55 | |
| CVE-2007-2532 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) to (1) sendmail.php or (2) order_form.php, different
|
16-10-2018 - 16:44 | 09-05-2007 - 00:19 | |
| CVE-2007-0786 | 7.5 |
SQL injection vulnerability in view.php in Noname Media Photo Galerie Standard 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
19-10-2017 - 01:30 | 06-02-2007 - 19:28 | |
| CVE-2007-2027 | 4.4 |
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be l
|
11-10-2017 - 01:32 | 13-04-2007 - 18:19 | |
| CVE-2007-2560 | 5.0 |
Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rubrik parameter.
|
11-10-2017 - 01:32 | 09-05-2007 - 18:19 | |
| CVE-2008-5221 | 7.5 |
The account_save action in admin/userinfo.php in wPortfolio 0.3 and earlier does not require authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified passw
|
29-09-2017 - 01:32 | 25-11-2008 - 18:30 | |
| CVE-2005-0312 | 2.1 |
WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating
|
11-07-2017 - 01:32 | 27-01-2005 - 05:00 | |
| CVE-2001-0304 | 5.0 |
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.
|
18-10-2016 - 02:10 | 03-05-2001 - 04:00 |