| Max CVSS | 8.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-6490 | 4.3 |
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (cid, value, element, mode, tab, form_name, id) passed to the EPESI-master/modules/Utils/Recor
|
04-01-2022 - 18:09 | 05-03-2017 - 20:59 | |
| CVE-2017-6491 | 4.3 |
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (tooltip_id, callback, args, cid) passed to the EPESI-master/modules/Utils/Tooltip/req.php URL
|
04-01-2022 - 18:09 | 05-03-2017 - 20:59 | |
| CVE-2017-6488 | 4.3 |
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (visible, tab, cid) passed to the EPESI-master/modules/Utils/RecordBrowser/Filters/save_filter
|
04-01-2022 - 18:07 | 05-03-2017 - 20:59 | |
| CVE-2017-6489 | 4.3 |
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (element, state, cat, id, cid) passed to the EPESI-master/modules/Utils/Watchdog/subscribe.php
|
04-01-2022 - 18:07 | 05-03-2017 - 20:59 | |
| CVE-2015-7674 | 6.8 |
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which trig
|
30-10-2018 - 16:27 | 26-10-2015 - 17:59 | |
| CVE-2006-1132 | 7.5 |
SQL injection vulnerability in show.php in vbzoom 1.11 allow remote attackers to execute arbitrary SQL commands via the MainID parameter. NOTE: the SubjectID vector is already covered by CVE-2005-4729.
|
18-10-2018 - 16:30 | 10-03-2006 - 02:02 | |
| CVE-2014-5259 | 4.3 |
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
|
09-10-2018 - 19:50 | 12-09-2014 - 14:55 | |
| CVE-2014-4735 | 4.3 |
Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.
|
09-10-2018 - 19:49 | 12-09-2014 - 14:55 | |
| CVE-2014-5505 | 6.8 |
Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file.
|
08-09-2017 - 01:29 | 04-09-2014 - 17:55 | |
| CVE-2014-3094 | 8.5 |
Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to execute arbitrary code via a crafted ALTER MODULE statement.
|
29-08-2017 - 01:34 | 04-09-2014 - 10:55 | |
| CVE-2009-3963 | 7.5 |
Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors.
|
17-08-2017 - 01:31 | 17-11-2009 - 18:30 | |
| CVE-2014-5506 | 6.8 |
Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file. <a href="http://cwe.mitre.org/data/definitions/415.html" target="_blank">CWE-415: Double Free</a>
|
07-01-2017 - 03:00 | 04-09-2014 - 17:55 | |
| CVE-2003-0052 | 5.0 |
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.
|
18-10-2016 - 02:28 | 07-03-2003 - 05:00 | |
| CVE-2007-6390 | 4.3 |
Cross-site request forgery (CSRF) vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to conduct cross-site scripting (XSS) attacks on the blog p
|
05-09-2008 - 21:33 | 17-12-2007 - 18:46 |