Max CVSS 10.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-1924 6.8
Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) contact_business.php or (2) contact_person.php. NOTE: this issue is disputed by CVE
07-08-2024 - 13:15 10-04-2007 - 23:19
CVE-2006-0829 5.0
Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log".
18-10-2018 - 16:29 21-02-2006 - 23:02
CVE-2006-4651 5.0
Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via .. (dot dot) sequence in the file parameter.
17-10-2018 - 21:38 09-09-2006 - 00:04
CVE-2008-0184 6.4
Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter.
15-10-2018 - 21:58 09-01-2008 - 22:46
CVE-2008-4779 10.0
Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file.
29-09-2017 - 01:32 29-10-2008 - 14:22
CVE-2011-2739 8.5
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploade
14-02-2012 - 04:07 09-11-2011 - 23:55
Back to Top Mark selected
Back to Top