| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2002-0075 | 7.5 |
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
| CVE-2015-1673 | 9.3 |
The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms E
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
| CVE-2018-12104 | 4.3 |
Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/new_report.kp URI.
|
11-08-2018 - 14:42 | 17-06-2018 - 20:29 | |
| CVE-2012-2194 | 5.0 |
Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.
|
22-12-2017 - 02:29 | 25-07-2012 - 10:42 | |
| CVE-2012-2196 | 5.0 |
IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.
|
22-12-2017 - 02:29 | 25-07-2012 - 10:42 | |
| CVE-2012-2197 | 7.1 |
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT
|
22-12-2017 - 02:29 | 25-07-2012 - 10:42 | |
| CVE-2010-4809 | 7.5 |
SQL injection vulnerability in index.php in DBSite 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
29-08-2017 - 01:29 | 08-07-2011 - 22:55 | |
| CVE-2005-2357 | 5.0 |
Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
|
11-07-2017 - 01:32 | 16-08-2005 - 04:00 | |
| CVE-2015-8978 | 5.0 |
In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the l
|
28-11-2016 - 19:50 | 22-11-2016 - 17:59 | |
| CVE-2010-4739 | 7.5 |
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php.
|
04-07-2013 - 07:13 | 16-02-2011 - 03:00 | |
| CVE-2005-2358 | 5.0 |
EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot).
|
05-09-2008 - 20:51 | 16-08-2005 - 04:00 |