| Max CVSS | 9.0 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-0394 | 6.8 |
The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerabi
|
17-05-2024 - 00:51 | 08-01-2012 - 15:55 | |
| CVE-2007-0388 | 7.5 |
SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows remote attackers to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.
|
19-10-2017 - 01:29 | 19-01-2007 - 23:28 | |
| CVE-2014-1683 | 6.8 |
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS before 1.1 r248-04, when the pid parameter is 4, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) name,
|
29-08-2017 - 01:34 | 29-01-2014 - 18:55 | |
| CVE-2014-3220 | 9.0 |
F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/authz/users/.
|
23-05-2014 - 04:08 | 05-05-2014 - 17:06 |