| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-4024 | 5.0 |
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form
|
27-12-2019 - 16:08 | 09-06-2015 - 18:59 | |
| CVE-2015-1981 | 2.1 |
Cross-site scripting (XSS) vulnerability in the web server in IBM Domino 8.5.x before 8.5.3 FP6 IF8 and 9.x before 9.0.1 FP4, when Webmail is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR
|
16-10-2019 - 12:40 | 28-06-2015 - 14:59 | |
| CVE-2015-4022 | 7.5 |
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer ove
|
22-04-2019 - 17:48 | 09-06-2015 - 18:59 | |
| CVE-2015-4025 | 7.5 |
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with
|
22-04-2019 - 17:48 | 09-06-2015 - 18:59 | |
| CVE-2006-1776 | 7.5 |
PHP remote file inclusion vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the s parameter.
|
18-10-2018 - 16:36 | 13-04-2006 - 10:02 | |
| CVE-2006-1777 | 7.5 |
Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PH
|
18-10-2018 - 16:36 | 13-04-2006 - 10:02 | |
| CVE-2015-6094 | 9.3 |
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mic
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
| CVE-2008-4727 | 4.3 |
Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultan
|
11-10-2018 - 20:52 | 24-10-2008 - 00:00 | |
| CVE-2003-1479 | 4.3 |
Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2017-7448 | 4.3 |
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
|
12-04-2017 - 01:59 | 05-04-2017 - 23:59 | |
| CVE-2015-3939 | 6.8 |
Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows remote authenticated users to read arbitrary files via unspecified vectors involving an internal web server, as demonstrated by reading a TELNET credenti
|
06-12-2016 - 03:01 | 31-05-2015 - 17:59 |