| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2002-0075 | 7.5 |
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
| CVE-2007-0182 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in magic photo storage website allow remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter to (1) admin_password.php, (2) add_welcome_text.php, (3) admin_email.
|
16-10-2018 - 16:31 | 12-01-2007 - 05:04 | |
| CVE-2007-0155 | 7.5 |
HarikaOnline 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for harikaonline.mdb.
|
16-10-2018 - 16:31 | 09-01-2007 - 18:28 | |
| CVE-2000-0689 | 7.5 |
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
|
11-07-2017 - 01:29 | 20-10-2000 - 04:00 |