| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-9129 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) at
|
02-02-2023 - 17:54 | 05-12-2014 - 15:59 | |
| CVE-2008-0132 | 5.0 |
Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote attacker
|
24-10-2022 - 13:30 | 08-01-2008 - 11:46 | |
| CVE-2015-2755 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS)
|
09-10-2018 - 19:56 | 01-04-2015 - 14:59 | |
| CVE-2014-3111 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 through 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Management page, (2) Image Name field to the Image Man
|
09-10-2018 - 19:43 | 21-10-2014 - 16:55 | |
| CVE-2009-4099 | 7.5 |
SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these deta
|
17-08-2017 - 01:31 | 29-11-2009 - 13:08 | |
| CVE-2003-1536 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2006-1270 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in zones.php in Inprotect 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Description field. NOTE: the provenance of this information is unknown; the deta
|
20-07-2017 - 01:30 | 19-03-2006 - 02:02 | |
| CVE-2017-7277 | 6.6 |
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds
|
31-03-2017 - 17:02 | 28-03-2017 - 06:59 | |
| CVE-2015-4841 | 4.3 |
Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM IP2014 and IP2015 allows remote attackers to affect confidentiality via unknown vectors related to Services.
|
24-12-2016 - 02:59 | 21-10-2015 - 23:59 |