| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-0030 | 7.5 |
The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
|
14-02-2024 - 01:17 | 10-10-2017 - 01:30 | |
| CVE-2018-15918 | 5.5 |
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to lea
|
05-07-2022 - 15:12 | 05-09-2018 - 21:29 | |
| CVE-2018-10258 | 6.5 |
A CSV Injection vulnerability was discovered in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
|
24-08-2020 - 17:37 | 01-05-2018 - 19:29 | |
| CVE-2018-16059 | 5.0 |
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
|
21-03-2019 - 16:00 | 07-09-2018 - 22:29 | |
| CVE-2018-0715 | 4.3 |
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
|
02-11-2018 - 17:25 | 27-08-2018 - 13:29 | |
| CVE-2007-5466 | 10.0 |
Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN acti
|
29-09-2017 - 01:29 | 15-10-2007 - 23:17 |