Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-4863 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.
|
30-10-2018 - 16:27 | 05-10-2011 - 10:55 | |
CVE-2006-2212 | 6.4 |
Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command.
|
18-10-2018 - 16:38 | 05-05-2006 - 12:46 | |
CVE-2006-5782 | 7.8 |
radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or crea
|
17-10-2018 - 21:45 | 09-11-2006 - 00:07 | |
CVE-2007-3339 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in forum/include/error/autherror.cfm in FuseTalk Basic, Standard, Enterprise, and ColdFusion allow remote attackers to inject arbitrary web script or HTML via the (1) FTVAR_LINKP and (2) FTVAR_URLP
|
16-10-2018 - 16:48 | 21-06-2007 - 21:30 | |
CVE-2008-1990 | 7.5 |
Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp.
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
CVE-2008-1991 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin_colors_swatch.asp in Acidcat CMS 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the field parameter.
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
CVE-2008-1992 | 7.5 |
Acidcat CMS 3.4.1 does not properly restrict access to (1) default_mail_aspemail.asp, (2) default_mail_cdosys.asp or (3) default_mail_jmail.asp, which allows remote attackers to bypass restrictions and relay email messages with modified From, FromNam
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
CVE-2008-1993 | 7.5 |
Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers to upload arbitrary files.
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
CVE-2010-4865 | 7.5 |
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
|
10-10-2018 - 20:08 | 05-10-2011 - 10:55 | |
CVE-2010-4870 | 7.5 |
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.
|
10-10-2018 - 20:08 | 07-10-2011 - 10:55 | |
CVE-2010-4868 | 4.3 |
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
|
10-10-2018 - 20:08 | 05-10-2011 - 10:55 | |
CVE-2010-4867 | 7.5 |
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
|
10-10-2018 - 20:08 | 05-10-2011 - 10:55 | |
CVE-2008-5780 | 5.0 |
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing passwords via a direct request for blog.mdb.
|
29-09-2017 - 01:32 | 30-12-2008 - 20:30 | |
CVE-2010-4873 | 4.3 |
Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
29-08-2017 - 01:29 | 07-10-2011 - 10:55 | |
CVE-2010-4866 | 7.5 |
SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter.
|
29-08-2017 - 01:29 | 05-10-2011 - 10:55 | |
CVE-2010-4872 | 7.5 |
SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter.
|
29-08-2017 - 01:29 | 07-10-2011 - 10:55 | |
CVE-2011-1485 | 6.9 |
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
|
19-12-2012 - 04:39 | 31-05-2011 - 20:55 | |
CVE-2011-2628 | 10.0 |
Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload.
|
14-02-2012 - 04:07 | 01-07-2011 - 10:55 | |
CVE-2010-4864 | 7.5 |
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action to index.php.
|
14-02-2012 - 04:02 | 05-10-2011 - 10:55 |