| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-2519 | 2.6 |
Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote attackers to include arbitrary local files via .. (dot dot) sequences in the spaw_root parameter. NOTE: CVE analysis suggests that th
|
18-10-2018 - 16:40 | 22-05-2006 - 22:02 | |
| CVE-2007-3579 | 4.3 |
PHPIDS before 20070703 does not properly handle setting the .text property of a SCRIPT element before its attachment to the DOM, which allows remote attackers to inject arbitrary web script.
|
29-07-2017 - 01:32 | 05-07-2007 - 20:30 | |
| CVE-2007-0820 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php.
|
29-07-2017 - 01:30 | 07-02-2007 - 20:28 | |
| CVE-2004-1984 | 5.0 |
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.ph
|
11-07-2017 - 01:31 | 02-05-2004 - 04:00 | |
| CVE-2009-3172 | 7.5 |
Unspecified vulnerability in Hitachi Groupmax Groupware Server 07-00 through 07-50-/A, Groupmax Server Set 03-00 through 06-52, Groupware Server Set 03-00 through 06-52, and Scheduler Server Set 03-00 through 06-52 has unknown impact and attack vecto
|
24-09-2009 - 04:00 | 11-09-2009 - 20:30 | |
| CVE-2005-1310 | 7.5 |
SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter.
|
05-09-2008 - 20:48 | 23-04-2005 - 04:00 |