Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-4547 6.5
Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQ
17-10-2018 - 21:37 06-09-2006 - 00:04
CVE-2006-4546 6.5
Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add new administrators to any list via a modified MEMBERS_.List_ parameter.
17-10-2018 - 21:37 06-09-2006 - 00:04
CVE-2007-6607 5.0
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, which reveals the path in various error messa
15-10-2018 - 21:55 31-12-2007 - 20:46
CVE-2007-6608 4.3
Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio 0.5.2-pre4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) LAST and (2) FIRST parameters to admin/staff_del_confirm.php, (3) the name parameter to
15-10-2018 - 21:55 31-12-2007 - 20:46
CVE-2007-6606 5.0
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
15-10-2018 - 21:55 31-12-2007 - 20:46
CVE-2008-4721 7.5
PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
29-09-2017 - 01:32 23-10-2008 - 20:00
CVE-2006-1032 7.5
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
08-03-2011 - 02:31 07-03-2006 - 11:02
Back to Top Mark selected
Back to Top