| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-3075 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and earlier and PictureDis Photoalbum 4.82 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to files in photo
|
18-10-2018 - 16:45 | 19-06-2006 - 10:02 | |
| CVE-2007-2816 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) test1.php, (2) blackorange.php, (3) default.php, (4) frames1.php, (5) frames1_top.php
|
11-10-2017 - 01:32 | 22-05-2007 - 21:30 | |
| CVE-2010-5032 | 7.5 |
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php.
|
29-08-2017 - 01:29 | 02-11-2011 - 21:55 | |
| CVE-2010-5041 | 7.5 |
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
|
29-08-2017 - 01:29 | 02-11-2011 - 21:55 | |
| CVE-2010-2147 | 4.3 |
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php.
|
17-08-2017 - 01:32 | 03-06-2010 - 14:30 | |
| CVE-2004-1984 | 5.0 |
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.ph
|
11-07-2017 - 01:31 | 02-05-2004 - 04:00 | |
| CVE-2010-5040 | 6.8 |
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtaine
|
16-11-2011 - 05:00 | 02-11-2011 - 21:55 | |
| CVE-2010-2314 | 6.8 |
PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter
|
18-06-2010 - 04:00 | 17-06-2010 - 16:30 | |
| CVE-2010-2144 | 4.3 |
Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party informati
|
04-06-2010 - 04:00 | 03-06-2010 - 14:30 |