| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-7422 | 5.0 |
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absol
|
24-08-2020 - 17:37 | 19-03-2018 - 14:29 | |
| CVE-2018-8947 | 5.0 |
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
|
03-10-2019 - 00:03 | 25-03-2018 - 16:29 | |
| CVE-2018-7466 | 6.0 |
install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value.
|
05-03-2019 - 13:21 | 25-02-2018 - 07:29 | |
| CVE-2018-9235 | 4.3 |
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
|
02-05-2018 - 15:12 | 04-04-2018 - 07:29 | |
| CVE-2018-7719 | 5.0 |
Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
|
18-04-2018 - 15:20 | 25-03-2018 - 16:29 | |
| CVE-2007-5009 | 6.8 |
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. exploitation requires
|
29-09-2017 - 01:29 | 20-09-2007 - 21:17 |