| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2143 | 6.5 |
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
|
16-07-2021 - 16:21 | 17-04-2014 - 14:55 | |
| CVE-2017-17588 | 7.5 |
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
|
29-09-2020 - 17:11 | 13-12-2017 - 09:29 | |
| CVE-2017-17588 | 7.5 |
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
|
29-09-2020 - 17:11 | 13-12-2017 - 09:29 | |
| CVE-2014-2531 | 6.5 |
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search a
|
09-10-2018 - 19:43 | 21-10-2014 - 16:55 | |
| CVE-2014-2668 | 5.0 |
Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.
|
16-12-2017 - 02:29 | 28-03-2014 - 16:51 | |
| CVE-2007-0757 | 7.5 |
PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter.
|
19-10-2017 - 01:30 | 06-02-2007 - 02:28 |