| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-2544 | 7.5 |
PHP remote file inclusion vulnerability in templates/default/tpl_message.php in PHP TopTree BBS 2.0.1a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the right_file parameter.
|
11-10-2017 - 01:32 | 09-05-2007 - 01:19 | |
| CVE-2007-3611 | 9.3 |
admin.php in VRNews 1.1.1, and possibly other 1.x versions, does not require authentication, which allows remote attackers to perform certain administrative actions via a direct request with a (1) edit, (2) add, (3) config, or (4) del value in the ac
|
29-09-2017 - 01:29 | 06-07-2007 - 19:30 | |
| CVE-2009-3363 | 4.3 |
Cross-site scripting (XSS) vulnerability in the BUEditor module 5.x before 5.x-1.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the "plain textarea editor."
|
17-08-2017 - 01:31 | 24-09-2009 - 16:30 | |
| CVE-2005-1288 | 7.5 |
inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the "in" value in a cookie.
|
18-10-2016 - 03:18 | 02-05-2005 - 04:00 | |
| CVE-2004-2568 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields.
|
08-03-2011 - 02:19 | 31-12-2004 - 05:00 |