| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1096 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in NZ Ecommerce allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but resear
|
07-08-2024 - 17:15 | 09-03-2006 - 13:06 | |
| CVE-2006-1098 | 7.5 |
Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the resea
|
07-08-2024 - 17:15 | 09-03-2006 - 13:06 | |
| CVE-2003-1067 | 7.2 |
Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.
|
30-10-2018 - 16:26 | 19-06-2003 - 04:00 | |
| CVE-2009-4565 | 7.5 |
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a
|
19-09-2017 - 01:29 | 04-01-2010 - 21:30 | |
| CVE-2008-1040 | 10.0 |
Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI.
|
08-03-2011 - 03:05 | 27-02-2008 - 19:44 |