| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-4862 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the config[news_url] parameter.
|
15-10-2018 - 21:38 | 30-10-2007 - 21:46 | |
| CVE-2007-4861 | 5.0 |
SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information via (1) a direct request for news.php, (2) an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to
|
15-10-2018 - 21:38 | 30-10-2007 - 21:46 | |
| CVE-2007-4863 | 6.8 |
SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter.
|
15-10-2018 - 21:38 | 30-10-2007 - 21:46 |