| Max CVSS | 10.0 | Min CVSS | 5.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1612 | 5.1 |
Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) yname, (2) emailadd, (3) subject, and (4) comment parameters. Successful exploitation require
|
18-10-2018 - 16:33 | 04-04-2006 - 10:04 | |
| CVE-2007-2713 | 10.0 |
ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI.
|
16-10-2018 - 16:45 | 16-05-2007 - 10:19 | |
| CVE-2008-0385 | 7.5 |
SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/request or (2) dyn/js/request in the PATH_INFO.
|
15-10-2018 - 21:59 | 29-02-2008 - 19:44 | |
| CVE-2008-5418 | 5.1 |
Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
|
29-09-2017 - 01:32 | 10-12-2008 - 14:00 |