| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-4793 | 5.0 |
The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.
|
23-10-2018 - 21:29 | 23-01-2017 - 21:59 | |
| CVE-2016-4313 | 6.8 |
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.
|
09-10-2018 - 20:00 | 24-04-2017 - 18:59 | |
| CVE-2018-6190 | 3.5 |
Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.
|
09-02-2018 - 18:10 | 24-01-2018 - 21:29 | |
| CVE-2007-2890 | 7.5 |
SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter.
|
11-10-2017 - 01:32 | 30-05-2007 - 01:30 | |
| CVE-2010-2507 | 6.8 |
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller param
|
17-08-2017 - 01:32 | 28-06-2010 - 20:30 |