Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-4107 | 4.3 |
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref
|
09-02-2024 - 02:27 | 17-11-2011 - 19:55 | |
CVE-2006-1082 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the gamename parameter in tellafriend.php, (2) the login_status parameter in loginbox.php, (3
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
CVE-2006-4666 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) ide parameter in (a) article.php; or the (2) pwfile parameter in (b) delete
|
17-10-2018 - 21:38 | 09-09-2006 - 00:04 | |
CVE-2007-1906 | 6.8 |
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
|
16-10-2018 - 16:41 | 10-04-2007 - 23:19 | |
CVE-2008-0229 | 10.0 |
The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11 and 1.00.12 does not require authentication, which allows remote attackers on the local or wireless network to obtain administrative access.
|
15-10-2018 - 21:58 | 10-01-2008 - 23:46 | |
CVE-2008-4871 | 4.3 |
Cross-site scripting (XSS) vulnerability in My Little Forum 1.75 and 2.0 Beta 23 allows remote attackers to inject arbitrary web script or HTML via BBcode IMG tags.
|
11-10-2018 - 20:53 | 01-11-2008 - 00:00 |