| Max CVSS | 7.5 | Min CVSS | 5.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-6865 | 7.5 |
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
|
01-07-2019 - 16:48 | 14-07-2009 - 14:30 | |
| CVE-2007-0211 | 7.2 |
The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of
|
12-10-2018 - 21:42 | 13-02-2007 - 20:28 | |
| CVE-2001-0828 | 5.1 |
A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.
|
10-10-2017 - 01:29 | 06-12-2001 - 05:00 | |
| CVE-2010-1588 | 7.5 |
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via the websess parameter.
|
17-08-2017 - 01:32 | 28-04-2010 - 23:30 | |
| CVE-2005-4530 | 5.1 |
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm,
|
20-07-2017 - 01:29 | 28-12-2005 - 01:03 | |
| CVE-2015-2094 | 7.5 |
Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) PlaySiteAllChannel, (3) StopSiteAllChannel, or (4) S
|
30-11-2016 - 03:01 | 09-03-2015 - 14:59 | |
| CVE-2015-2097 | 7.5 |
Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) SDK allow remote attackers to execute arbitrary code via unspecified vectors to the (1) LoadImage or (2) LoadImageEx function in the WESPMonitor.WESPMonitorCtrl.1 control, (3) Cha
|
30-11-2016 - 03:01 | 09-03-2015 - 14:59 | |
| CVE-2014-1915 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of (1) administrators for requests that change the administrator password via an update
|
21-02-2014 - 05:06 | 07-02-2014 - 15:48 | |
| CVE-2012-2352 | 7.5 |
The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the (1) do_arc_manage, (2) d
|
14-08-2012 - 03:37 | 31-05-2012 - 17:55 |