| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-4487 | 5.0 |
DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords.
|
17-10-2018 - 21:37 | 31-08-2006 - 22:04 | |
| CVE-2007-2609 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in sc
|
11-10-2017 - 01:32 | 11-05-2007 - 10:19 | |
| CVE-2005-2471 | 7.5 |
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
|
11-10-2017 - 01:30 | 05-08-2005 - 04:00 | |
| CVE-2013-5527 | 5.7 |
The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.
|
29-08-2017 - 01:33 | 10-10-2013 - 10:55 | |
| CVE-2004-2060 | 5.0 |
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 |