| Max CVSS | 7.5 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-4362 | 5.0 |
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via
|
04-03-2021 - 20:12 | 24-12-2011 - 19:55 | |
| CVE-2011-4885 | 5.0 |
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
|
09-01-2018 - 02:29 | 30-12-2011 - 01:55 | |
| CVE-2006-2686 | 6.4 |
PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.p
|
19-10-2017 - 01:29 | 31-05-2006 - 10:06 | |
| CVE-2012-5098 | 7.5 |
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
|
29-08-2017 - 01:32 | 23-09-2012 - 17:55 | |
| CVE-2011-5200 | 7.5 |
Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.
|
29-08-2017 - 01:30 | 23-09-2012 - 17:55 | |
| CVE-2011-5203 | 7.5 |
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information.
|
29-08-2017 - 01:30 | 04-10-2012 - 17:55 | |
| CVE-2011-5026 | 4.3 |
Cross-site scripting (XSS) vulnerability in the addPost function in data/functions.php in Winn GuestBook before 2.4.8d allows remote attackers to inject arbitrary web script or HTML via the name parameter to index.php. NOTE: some of these details ar
|
29-08-2017 - 01:30 | 29-12-2011 - 04:15 | |
| CVE-2017-7462 | 7.5 |
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.
|
18-04-2017 - 15:59 | 11-04-2017 - 15:59 | |
| CVE-2017-7461 | 6.8 |
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML
|
18-04-2017 - 15:56 | 11-04-2017 - 15:59 | |
| CVE-2011-5204 | 1.9 |
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database.
|
05-10-2012 - 04:00 | 04-10-2012 - 17:55 |