| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-10869 | 5.0 |
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.
|
13-02-2023 - 04:51 | 19-07-2018 - 22:29 | |
| CVE-2011-4329 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter in a setup action to admin/company.php, or the PATH_INFO to (2) admin/security_other.ph
|
10-02-2023 - 16:51 | 28-11-2011 - 11:55 | |
| CVE-2016-7835 | 6.4 |
Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.
|
19-04-2021 - 14:01 | 09-06-2017 - 16:29 | |
| CVE-2011-3377 | 4.3 |
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose orig
|
30-10-2018 - 16:27 | 05-02-2014 - 19:55 | |
| CVE-2005-2127 | 7.5 |
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for
|
19-10-2018 - 15:32 | 19-08-2005 - 04:00 | |
| CVE-2009-1762 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess login page (aka gw/webacc) in Novell GroupWise 7.x before 7.03 HP2 allow remote attackers to inject arbitrary web script or HTML via the (1) GWAP.version or (2) User.Theme (aka User
|
10-10-2018 - 19:38 | 22-05-2009 - 16:48 | |
| CVE-2009-1635 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to inject arbitrary web script or HTML via (1) the User.lang parameter to the login p
|
10-10-2018 - 19:37 | 22-05-2009 - 16:48 | |
| CVE-2015-4415 | 5.0 |
Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) theme or (2) lang cookie parameter to AnimaGallery/.
|
09-10-2018 - 19:57 | 10-06-2015 - 14:59 | |
| CVE-2007-4068 | 5.8 |
Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the kat_id parameter to the default URI in a download action or (2) the id parameter to the default URI in a duyurular_detay actio
|
29-09-2017 - 01:29 | 30-07-2007 - 17:30 | |
| CVE-2002-1709 | 6.4 |
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
|
11-07-2017 - 01:29 | 31-12-2002 - 05:00 | |
| CVE-2011-5164 | 9.3 |
Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response.
|
17-09-2012 - 04:00 | 15-09-2012 - 17:55 |