Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-1027 | 5.0 |
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message.
|
18-10-2018 - 16:30 | 07-03-2006 - 00:02 | |
CVE-2006-1028 | 7.8 |
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php.
|
18-10-2018 - 16:30 | 07-03-2006 - 00:02 | |
CVE-2006-4652 | 7.5 |
(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.
|
17-10-2018 - 21:38 | 09-09-2006 - 00:04 | |
CVE-2006-4653 | 5.0 |
(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_se
|
17-10-2018 - 21:38 | 09-09-2006 - 00:04 | |
CVE-2007-0012 | 4.3 |
Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the a
|
16-10-2018 - 16:30 | 09-01-2008 - 23:46 | |
CVE-2011-2763 | 7.5 |
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
|
09-10-2018 - 19:33 | 02-09-2011 - 16:55 | |
CVE-2008-4758 | 5.0 |
Directory traversal vulnerability in download_file.php in PHP-Daily allows remote attackers to read arbitrary local files via a .. (dot dot) in the fichier parameter.
|
29-09-2017 - 01:32 | 28-10-2008 - 02:00 | |
CVE-2007-1882 | 6.5 |
qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.
|
29-07-2017 - 01:31 | 06-04-2007 - 01:19 |