| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-0722 | 2.6 |
settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (
|
19-10-2018 - 15:45 | 16-02-2006 - 11:02 | |
| CVE-2006-4446 | 5.0 |
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first
|
17-10-2018 - 21:37 | 30-08-2006 - 01:04 | |
| CVE-2008-5276 | 9.3 |
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buf
|
11-10-2018 - 20:54 | 03-12-2008 - 17:30 | |
| CVE-2008-5315 | 7.8 |
Directory traversal vulnerability in the web interface in Apple iPhone Configuration Web Utility 1.0 on Windows allows remote attackers to read arbitrary files via unspecified vectors.
|
11-10-2018 - 20:54 | 03-12-2008 - 17:30 | |
| CVE-2010-4958 | 7.5 |
SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
10-10-2018 - 20:08 | 09-10-2011 - 10:55 | |
| CVE-2008-5320 | 6.5 |
SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ue[] parameter.
|
29-09-2017 - 01:32 | 03-12-2008 - 19:30 | |
| CVE-2008-5335 | 6.8 |
SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157,
|
29-09-2017 - 01:32 | 05-12-2008 - 01:30 | |
| CVE-2008-5321 | 7.5 |
SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter.
|
29-09-2017 - 01:32 | 03-12-2008 - 19:30 | |
| CVE-2008-5337 | 7.5 |
SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-09-2017 - 01:32 | 05-12-2008 - 01:30 | |
| CVE-2008-4416 | 4.6 |
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
|
29-09-2017 - 01:32 | 05-12-2008 - 00:30 | |
| CVE-2008-5338 | 4.3 |
Cross-site scripting (XSS) vulnerability in info.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
|
29-09-2017 - 01:32 | 05-12-2008 - 01:30 | |
| CVE-2008-5332 | 10.0 |
Multiple PHP remote file inclusion vulnerabilities in Pie 0.5.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lib parameter to files in lib/action/ including (a) alias.php, (b) cancel.php, (c) context.php, (d) deadlinks.ph
|
29-09-2017 - 01:32 | 05-12-2008 - 01:30 | |
| CVE-2008-4667 | 7.5 |
Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the rss parameter.
|
29-09-2017 - 01:32 | 22-10-2008 - 10:30 | |
| CVE-2007-6466 | 7.5 |
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group paramete
|
29-09-2017 - 01:29 | 20-12-2007 - 00:46 |