Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-1017 | 9.3 |
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open
|
30-10-2018 - 16:25 | 07-03-2006 - 00:02 | |
CVE-2006-4620 | 4.6 |
The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbo
|
17-10-2018 - 21:38 | 07-09-2006 - 00:04 | |
CVE-2007-1836 | 9.0 |
The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to
|
16-10-2018 - 16:40 | 03-04-2007 - 00:19 | |
CVE-2008-0100 | 7.5 |
Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file.
|
15-10-2018 - 21:57 | 08-01-2008 - 02:46 | |
CVE-2008-0101 | 7.5 |
Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file.
|
15-10-2018 - 21:57 | 08-01-2008 - 02:46 | |
CVE-2008-4775 | 2.6 |
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db paramet
|
11-10-2018 - 20:52 | 28-10-2008 - 19:46 | |
CVE-2010-5027 | 4.3 |
Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party
|
29-08-2017 - 01:29 | 02-11-2011 - 21:55 | |
CVE-2010-5026 | 6.8 |
SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information.
|
29-08-2017 - 01:29 | 02-11-2011 - 21:55 |