| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-0388 | 3.5 |
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system.
|
03-02-2023 - 02:09 | 17-10-2018 - 19:29 | |
| CVE-2017-5157 | 4.3 |
An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code.
|
31-01-2022 - 20:16 | 13-02-2017 - 21:59 | |
| CVE-2007-4966 | 6.8 |
SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_delete[] parameter. An attacker may require credentials to exploit this.
GForge's config
|
19-10-2017 - 01:30 | 18-09-2007 - 22:17 | |
| CVE-2015-5144 | 4.3 |
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character
|
22-09-2017 - 01:29 | 14-07-2015 - 17:59 | |
| CVE-2012-0960 | 7.5 |
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
|
29-08-2017 - 01:31 | 24-11-2012 - 20:55 | |
| CVE-2010-4623 | 4.0 |
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
|
17-08-2017 - 01:33 | 30-12-2010 - 19:00 | |
| CVE-2002-1091 | 7.5 |
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
|
18-10-2016 - 02:23 | 04-10-2002 - 04:00 | |
| CVE-2012-5530 | 2.1 |
The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.
|
26-02-2013 - 04:51 | 29-11-2012 - 13:14 | |
| CVE-2012-5564 | 3.3 |
android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.
|
19-02-2013 - 05:00 | 14-02-2013 - 22:55 | |
| CVE-2005-3988 | 7.5 |
SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
08-03-2011 - 02:27 | 04-12-2005 - 22:03 |