| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-3163 | 5.0 |
Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue
|
14-02-2024 - 01:17 | 11-06-2007 - 22:30 | |
| CVE-2007-1127 | 6.4 |
Directory traversal vulnerability in enc/stylecss.php in shopkitplus allows remote attackers to read arbitrary files via a .. (dot dot) in the changetheme parameter.
|
16-10-2018 - 16:36 | 27-02-2007 - 02:28 | |
| CVE-2007-2183 | 7.5 |
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter.
|
11-10-2017 - 01:32 | 24-04-2007 - 17:19 | |
| CVE-2006-1156 | 5.0 |
SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp.
|
20-07-2017 - 01:30 | 12-03-2006 - 20:02 | |
| CVE-2004-2112 | 5.0 |
Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2009-1000 | 7.5 |
The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors.
|
23-10-2012 - 03:04 | 15-04-2009 - 10:30 |