| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-5031 | 4.3 |
ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request
|
12-02-2021 - 17:24 | 22-07-2012 - 16:55 | |
| CVE-2009-4137 | 7.5 |
The loadContentFromCookie function in core/Cookie.php in Piwik before 0.5 does not validate strings obtained from cookies before calling the unserialize function, which allows remote attackers to execute arbitrary code or upload arbitrary files via v
|
21-11-2019 - 13:29 | 24-12-2009 - 16:30 | |
| CVE-2009-4418 | 5.0 |
The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: s
|
30-10-2018 - 16:25 | 24-12-2009 - 17:30 |