| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-10271 | 5.0 |
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauth
|
03-10-2019 - 00:03 | 19-10-2017 - 17:29 | |
| CVE-2007-1427 | 5.0 |
Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the pdf_file parameter.
|
16-10-2018 - 16:38 | 13-03-2007 - 01:19 | |
| CVE-2014-2009 | 5.0 |
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.
|
29-08-2017 - 01:34 | 12-09-2014 - 14:55 | |
| CVE-2014-2008 | 7.5 |
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
|
29-08-2017 - 01:34 | 12-09-2014 - 14:55 |