Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-4547 | 6.5 |
Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQ
|
17-10-2018 - 21:37 | 06-09-2006 - 00:04 | |
CVE-2006-4546 | 6.5 |
Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add new administrators to any list via a modified MEMBERS_.List_ parameter.
|
17-10-2018 - 21:37 | 06-09-2006 - 00:04 | |
CVE-2007-6607 | 5.0 |
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, which reveals the path in various error messa
|
15-10-2018 - 21:55 | 31-12-2007 - 20:46 | |
CVE-2007-6608 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio 0.5.2-pre4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) LAST and (2) FIRST parameters to admin/staff_del_confirm.php, (3) the name parameter to
|
15-10-2018 - 21:55 | 31-12-2007 - 20:46 | |
CVE-2007-6606 | 5.0 |
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
|
15-10-2018 - 21:55 | 31-12-2007 - 20:46 | |
CVE-2008-4721 | 7.5 |
PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
|
29-09-2017 - 01:32 | 23-10-2008 - 20:00 | |
CVE-2006-1032 | 7.5 |
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
|
08-03-2011 - 02:31 | 07-03-2006 - 11:02 |