Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-3180 | 3.5 |
Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsu
|
09-10-2019 - 23:27 | 24-07-2018 - 15:29 | |
CVE-2005-4081 | 7.5 |
Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pa
|
19-10-2018 - 15:40 | 08-12-2005 - 01:03 | |
CVE-2007-4975 | 4.3 |
Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 allows remote attackers to inject arbitrary web script or HTML via the chapter parameter.
|
15-10-2018 - 21:39 | 19-09-2007 - 18:17 | |
CVE-2012-5651 | 5.0 |
Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.
|
29-08-2017 - 01:32 | 03-01-2013 - 01:55 | |
CVE-2012-5652 | 5.0 |
Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.
|
29-08-2017 - 01:32 | 03-01-2013 - 01:55 | |
CVE-2012-5653 | 6.0 |
The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file name.
|
29-08-2017 - 01:32 | 03-01-2013 - 01:55 | |
CVE-2011-0423 | 7.5 |
The PolyVision RoomWizard with firmware 3.2.3 has a default password of roomwizard for the administrator account, which makes it easier for remote attackers to obtain console access via an HTTP session, a different vulnerability than CVE-2010-0214.
|
17-08-2017 - 01:33 | 12-01-2011 - 01:00 | |
CVE-2010-0214 | 5.0 |
The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive informati
|
17-08-2017 - 01:31 | 12-01-2011 - 01:00 | |
CVE-2002-1195 | 4.3 |
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page.
|
18-10-2016 - 02:24 | 28-10-2002 - 05:00 | |
CVE-2012-5655 | 5.0 |
The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before 7.x-3.0-beta6 for Drupal does not properly restrict access to block content, which allows remote attackers to obtain sensitive information via a crafted request.
|
07-01-2013 - 05:00 | 03-01-2013 - 01:55 |