| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-3352 | 4.3 |
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
|
19-01-2024 - 15:12 | 13-12-2005 - 20:03 | |
| CVE-2005-2407 | 5.1 |
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijack
|
28-02-2022 - 16:29 | 01-08-2005 - 04:00 | |
| CVE-2000-0762 | 10.0 |
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.
|
09-04-2021 - 13:53 | 20-10-2000 - 04:00 | |
| CVE-2005-4213 | 7.5 |
SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie.
|
19-10-2018 - 15:40 | 14-12-2005 - 11:03 | |
| CVE-2005-4212 | 5.0 |
Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to read arbitrary local files via ".." (dot dot) sequences in the $_CCFG[_PKG_PATH_DBSE] variable.
|
19-10-2018 - 15:40 | 14-12-2005 - 11:03 | |
| CVE-2005-4211 | 7.5 |
PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable.
|
19-10-2018 - 15:40 | 14-12-2005 - 11:03 | |
| CVE-2017-2133 | 6.5 |
SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
|
07-11-2017 - 20:24 | 20-10-2017 - 11:29 | |
| CVE-2006-6612 | 7.5 |
PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the basepath_start parameter.
|
19-10-2017 - 01:29 | 18-12-2006 - 02:28 | |
| CVE-2013-3487 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified HTML header fields to (1) 400.php, (2) 4
|
29-08-2017 - 01:33 | 03-03-2014 - 16:55 | |
| CVE-2005-4217 | 7.5 |
Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.
|
20-07-2017 - 01:29 | 14-12-2005 - 11:03 | |
| CVE-2005-4247 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in Plogger Beta 2 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter.
|
22-10-2012 - 04:00 | 14-12-2005 - 11:03 | |
| CVE-2005-4246 | 7.5 |
SQL injection vulnerability in Plogger Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php and (2) page parameter.
|
22-10-2012 - 04:00 | 14-12-2005 - 11:03 | |
| CVE-2005-4234 | 7.5 |
SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
08-03-2011 - 02:27 | 14-12-2005 - 11:03 | |
| CVE-2005-4228 | 7.5 |
Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.p
|
07-03-2011 - 05:00 | 14-12-2005 - 11:03 |