| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4279 | 10.0 |
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which allows remote attackers to bypass authentication by sending a request to index.php with "admin" in the loginhash_user parameter, in
|
10-10-2018 - 20:07 | 02-12-2010 - 17:15 | |
| CVE-2007-1710 | 4.3 |
The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a
|
11-10-2017 - 01:31 | 27-03-2007 - 01:19 | |
| CVE-2012-5244 | 7.5 |
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to fu
|
29-08-2017 - 01:32 | 20-10-2014 - 14:55 | |
| CVE-2014-9308 | 6.5 |
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka WordPress Shopping Cart) plugin before 3.0.9 allows remote authenticated users to execute arbitrary code by uploading a file with an
|
16-01-2015 - 16:29 | 15-01-2015 - 15:59 | |
| CVE-2012-5242 | 6.8 |
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action.
|
24-10-2014 - 17:57 | 21-10-2014 - 14:55 | |
| CVE-2012-5243 | 5.0 |
functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.
|
24-10-2014 - 17:26 | 21-10-2014 - 14:55 |