| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-7222 | 2.1 |
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
|
28-02-2023 - 20:45 | 21-03-2019 - 16:01 | |
| CVE-2014-5131 | 4.0 |
Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse.
|
11-03-2019 - 19:26 | 27-03-2018 - 21:29 | |
| CVE-2006-1087 | 6.5 |
Direct static code injection vulnerability in the modify_config action in admin.php for PHP-Stats 0.1.9.1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the option_new[compatibility_mode] parameter, which is
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
| CVE-2006-1083 | 7.5 |
Multiple directory traversal vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the (1) option[language] and (2) option[template] parameters, and (3) possibly oth
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
| CVE-2006-1088 | 5.0 |
PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information via a direct request to checktables.php, which lists the database table_prefix.
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
| CVE-2006-1085 | 10.0 |
admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of th
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
| CVE-2006-1084 | 7.5 |
Multiple SQL injection vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the option[prefix] parameter in admin.php and other unspecified PHP scripts, and (2) the PC_REMOTE_ADDR HTTP head
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
| CVE-2007-6515 | 7.5 |
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
|
15-10-2018 - 21:54 | 21-12-2007 - 22:46 | |
| CVE-2016-8960 | 6.5 |
IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subs
|
29-03-2017 - 18:30 | 27-03-2017 - 22:59 | |
| CVE-2014-5452 | 4.3 |
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during
|
22-12-2016 - 02:59 | 02-09-2014 - 10:55 | |
| CVE-2003-0033 | 10.0 |
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.
|
18-10-2016 - 02:28 | 07-03-2003 - 05:00 |