| Max CVSS | 7.6 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-3080 | 7.6 |
Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors.
|
14-04-2020 - 14:13 | 01-05-2012 - 10:12 | |
| CVE-2005-4223 | 7.5 |
Multiple "potential" SQL injection vulnerabilities in Utopia News Pro (UNP) 1.1.4 might allow remote attackers to execute arbitrary SQL commands via (1) the newsid parameter in editnews.php, (2) the catid and question parameters in faq.php, (3) the p
|
19-10-2018 - 15:40 | 14-12-2005 - 11:03 | |
| CVE-2000-1132 | 6.4 |
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.
|
10-10-2017 - 01:29 | 09-01-2001 - 05:00 | |
| CVE-2014-9567 | 7.5 |
Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to th
|
08-09-2017 - 01:29 | 07-01-2015 - 18:59 | |
| CVE-2011-0412 | 2.1 |
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks. http://www.oracle
|
17-08-2017 - 01:33 | 19-04-2011 - 19:55 | |
| CVE-2005-1803 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter
|
05-09-2008 - 20:50 | 29-05-2005 - 04:00 |