| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-7168 | 7.5 |
PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
|
29-03-2021 - 14:36 | 20-03-2007 - 10:19 | |
| CVE-2007-4349 | 4.3 |
The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service
|
30-10-2018 - 16:25 | 23-10-2008 - 22:00 | |
| CVE-2006-0049 | 5.0 |
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report
|
19-10-2018 - 15:42 | 13-03-2006 - 21:06 | |
| CVE-2006-4363 | 7.5 |
PHP remote file inclusion vulnerability in admin.cropcanvas.php in the CropImage component (com_cropimage) 1.0 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the cropimagedir parameter.
|
17-10-2018 - 21:36 | 27-08-2006 - 02:04 | |
| CVE-2007-6338 | 7.5 |
SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obt
|
15-10-2018 - 21:52 | 15-12-2007 - 01:46 | |
| CVE-2008-4725 | 4.3 |
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly escaped before storage in the History Search database (aka md.dat), a diffe
|
11-10-2018 - 20:52 | 23-10-2008 - 22:00 | |
| CVE-2008-4696 | 4.3 |
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the His
|
11-10-2018 - 20:52 | 23-10-2008 - 22:00 | |
| CVE-2008-4741 | 5.0 |
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
|
11-10-2018 - 20:52 | 27-10-2008 - 17:21 | |
| CVE-2008-4716 | 7.5 |
SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
29-09-2017 - 01:32 | 23-10-2008 - 20:00 | |
| CVE-2008-4748 | 7.6 |
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string
|
29-09-2017 - 01:32 | 27-10-2008 - 20:00 | |
| CVE-2008-4749 | 9.3 |
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile metho
|
29-09-2017 - 01:32 | 27-10-2008 - 20:00 | |
| CVE-2008-4720 | 9.3 |
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php.
|
29-09-2017 - 01:32 | 23-10-2008 - 20:00 | |
| CVE-2008-4750 | 9.3 |
Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allows remote attackers to execute arbitrary code via a long LogFile property.
|
29-09-2017 - 01:32 | 27-10-2008 - 20:00 | |
| CVE-2008-4721 | 7.5 |
PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
|
29-09-2017 - 01:32 | 23-10-2008 - 20:00 | |
| CVE-2008-4729 | 6.8 |
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code executio
|
29-09-2017 - 01:32 | 24-10-2008 - 00:00 | |
| CVE-2008-4740 | 5.1 |
Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot)
|
29-09-2017 - 01:32 | 27-10-2008 - 17:21 | |
| CVE-2008-4620 | 7.5 |
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
|
29-09-2017 - 01:32 | 21-10-2008 - 01:18 | |
| CVE-2010-4917 | 7.5 |
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.
|
29-08-2017 - 01:29 | 08-10-2011 - 10:55 | |
| CVE-2010-1938 | 9.3 |
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly
|
29-07-2011 - 02:37 | 28-05-2010 - 18:30 |