| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-6316 | 4.3 |
Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as
|
08-08-2019 - 15:43 | 07-09-2016 - 19:28 | |
| CVE-2007-3097 | 7.5 |
my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter.
|
16-10-2018 - 16:47 | 06-06-2007 - 22:30 | |
| CVE-2017-1668 | 5.8 |
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerabil
|
31-01-2018 - 16:12 | 09-01-2018 - 20:29 | |
| CVE-2007-0824 | 7.5 |
PHP remote file inclusion vulnerability in inhalt.php in LightRO CMS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dateien[news] parameter.
|
19-10-2017 - 01:30 | 07-02-2007 - 22:28 | |
| CVE-2007-3057 | 6.8 |
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplica
|
11-10-2017 - 01:32 | 06-06-2007 - 01:30 | |
| CVE-2007-3082 | 7.8 |
Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sc_language parameter.
|
11-10-2017 - 01:32 | 06-06-2007 - 10:30 | |
| CVE-2001-0564 | 5.0 |
APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card.
|
10-10-2017 - 01:29 | 22-08-2001 - 04:00 | |
| CVE-2008-5307 | 7.5 |
SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information.
|
29-09-2017 - 01:32 | 02-12-2008 - 12:00 | |
| CVE-2014-8895 | 4.3 |
IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.
|
08-09-2017 - 01:29 | 29-01-2015 - 01:59 | |
| CVE-2007-3071 | 9.3 |
Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument.
|
29-07-2017 - 01:31 | 06-06-2007 - 10:30 | |
| CVE-2007-0067 | 7.8 |
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
|
29-07-2017 - 01:29 | 06-06-2007 - 10:30 |