Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-1257 | 7.5 |
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.
|
18-10-2018 - 16:31 | 19-03-2006 - 01:02 | |
CVE-2006-4829 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote attackers to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi
|
17-10-2018 - 21:39 | 15-09-2006 - 22:07 | |
CVE-2007-2153 | 6.8 |
Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
|
16-10-2018 - 16:42 | 19-04-2007 - 10:19 | |
CVE-2008-0496 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in AmpJuke 0.7.0 allows remote attackers to inject arbitrary web script or HTML via the limit parameter in a search action.
|
15-10-2018 - 22:00 | 30-01-2008 - 22:00 | |
CVE-2008-5074 | 7.5 |
SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
|
29-09-2017 - 01:32 | 14-11-2008 - 18:07 |