| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1223 | 4.3 |
Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag.
|
18-10-2018 - 16:31 | 14-03-2006 - 11:02 | |
| CVE-2006-4772 | 5.0 |
HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc.
|
17-10-2018 - 21:39 | 14-09-2006 - 00:07 | |
| CVE-2007-2061 | 4.3 |
Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
|
16-10-2018 - 16:41 | 18-04-2007 - 03:19 | |
| CVE-2008-0373 | 7.5 |
Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to upload and execute arbitrary PHP files.
|
15-10-2018 - 21:59 | 22-01-2008 - 20:00 | |
| CVE-2008-5000 | 6.8 |
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the news_id parameter.
|
29-09-2017 - 01:32 | 10-11-2008 - 14:12 |