| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-15580 | 7.5 |
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a
|
26-03-2019 - 17:59 | 23-10-2017 - 08:29 | |
| CVE-2007-5225 | 4.9 |
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
|
30-10-2018 - 16:25 | 05-10-2007 - 00:17 | |
| CVE-2018-15138 | 5.0 |
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
|
12-10-2018 - 17:34 | 15-08-2018 - 17:29 | |
| CVE-2018-15153 | 6.5 |
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the "hylafax_server" global varia
|
10-10-2018 - 17:20 | 15-08-2018 - 17:29 | |
| CVE-2018-14493 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name.
|
21-09-2018 - 14:39 | 25-07-2018 - 23:29 |