| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4205 | 7.5 |
SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a Search action to index.php. NOTE: some of these details are obtained from third p
|
11-10-2018 - 20:51 | 24-09-2008 - 14:56 | |
| CVE-2008-4207 | 5.0 |
Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which allows remote attackers to obtain sensitive information via a direct request, which invokes the phpinfo function. NOTE: some of these details are obtaine
|
11-10-2018 - 20:51 | 24-09-2008 - 14:56 | |
| CVE-2009-1932 | 6.8 |
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers
|
29-09-2017 - 01:34 | 04-06-2009 - 20:30 | |
| CVE-2008-6457 | 7.5 |
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
| CVE-2008-6456 | 7.5 |
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
| CVE-2008-6462 | 7.5 |
SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
| CVE-2008-6460 | 7.5 |
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
| CVE-2008-6459 | 7.5 |
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
| CVE-2008-6458 | 7.5 |
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:29 | 13-03-2009 - 10:30 | |
| CVE-2003-1184 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs."
|
11-07-2017 - 01:29 | 03-11-2003 - 05:00 | |
| CVE-2008-6463 | 7.5 |
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified
|
19-08-2009 - 05:23 | 13-03-2009 - 10:30 | |
| CVE-2007-2314 | 6.8 |
Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter to (a) configurer.php, (b) connect.ph
|
05-09-2008 - 21:22 | 26-04-2007 - 21:19 |