| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-2478 | 5.0 |
Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified back_url during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of
|
18-10-2018 - 16:40 | 19-05-2006 - 17:02 | |
| CVE-2007-2260 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the bibtexrootrel parameter to (1) unavailable.php, (2) source.php, (3) log.php, (4) latex.php, (5) indexinfo
|
16-10-2018 - 16:42 | 25-04-2007 - 17:19 | |
| CVE-2013-5315 | 2.6 |
Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML v
|
29-08-2017 - 01:33 | 19-08-2013 - 23:55 | |
| CVE-2013-4174 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) flash_uri, (2) flash_width, or (3) flash_height in the scald_flash_sca
|
29-08-2017 - 01:33 | 19-08-2013 - 23:55 | |
| CVE-2012-3732 | 6.4 |
Mail in Apple iOS before 6 uses an S/MIME message's From address as the displayed sender address, which allows remote attackers to spoof signed content via an e-mail message in which the From field does not match the signer's identity.
|
29-08-2017 - 01:32 | 20-09-2012 - 21:55 | |
| CVE-2004-1955 | 7.5 |
SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 |