| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-17394 | 7.5 |
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter.
|
14-11-2018 - 21:40 | 28-09-2018 - 00:29 | |
| CVE-2008-1990 | 7.5 |
Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp.
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
| CVE-2008-1991 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin_colors_swatch.asp in Acidcat CMS 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the field parameter.
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
| CVE-2008-1992 | 7.5 |
Acidcat CMS 3.4.1 does not properly restrict access to (1) default_mail_aspemail.asp, (2) default_mail_cdosys.asp or (3) default_mail_jmail.asp, which allows remote attackers to bypass restrictions and relay email messages with modified From, FromNam
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 | |
| CVE-2008-1993 | 7.5 |
Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers to upload arbitrary files.
|
11-10-2018 - 20:38 | 27-04-2008 - 21:05 |