| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4516 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 for Joomla allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
14-02-2024 - 01:17 | 09-12-2010 - 21:00 | |
| CVE-2018-0432 | 9.0 |
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters
|
09-10-2019 - 23:32 | 05-10-2018 - 14:29 | |
| CVE-2007-4359 | 6.8 |
Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
|
15-10-2018 - 21:34 | 15-08-2007 - 19:17 | |
| CVE-2009-1857 | 9.3 |
Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document
|
10-10-2018 - 19:38 | 11-06-2009 - 15:30 | |
| CVE-2002-1336 | 7.5 |
TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
|
10-10-2017 - 01:30 | 11-12-2002 - 05:00 | |
| CVE-2012-6641 | 4.3 |
Cross-site scripting (XSS) vulnerability in redirect.php in the Socolissimo module (modules/socolissimo/) in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values."
|
29-08-2017 - 01:32 | 07-04-2014 - 15:55 | |
| CVE-2012-0253 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 allow remote attackers to inject arbitrary web script or HTML via (1) the jsonRequest parameter to Direct/Process, the (2) r or (3) cb parameter to Direc
|
29-08-2017 - 01:30 | 18-04-2012 - 17:55 | |
| CVE-2016-10041 | 4.6 |
An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection,
|
07-01-2017 - 03:00 | 25-12-2016 - 07:59 | |
| CVE-2015-4194 | 5.0 |
The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privileged account, which allows remote attackers to enumera
|
28-12-2016 - 17:42 | 19-06-2015 - 01:59 |