| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-4140 | 7.5 |
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_global
|
21-11-2019 - 13:29 | 22-12-2009 - 22:30 | |
| CVE-2006-5220 | 5.1 |
Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the webyep_sIncludePath in (1) files in the programm/lib/ directory including (a) WYApplica
|
17-10-2018 - 21:41 | 10-10-2006 - 04:06 | |
| CVE-2013-3524 | 7.5 |
SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in phpVMS
|
29-08-2017 - 01:33 | 10-05-2013 - 21:55 | |
| CVE-2013-2712 | 4.3 |
Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
29-05-2014 - 23:44 | 23-05-2014 - 14:55 | |
| CVE-2013-2713 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 allows remote attackers to hijack the authentication of administrators for requests that create user accounts via a crafted request.
|
29-05-2014 - 23:44 | 23-05-2014 - 14:55 |