| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1232 | 7.5 |
Multiple SQL injection vulnerabilities in DSDownload 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) key and (2) category parameters to (a) search.php and (b) downloads.php. "magic_quotes_gpc"
|
18-10-2018 - 16:31 | 14-03-2006 - 19:06 | |
| CVE-2006-4975 | 2.6 |
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote attackers to inject arbitrary web script or HTML via a URL at the online service.
|
17-10-2018 - 21:40 | 25-09-2006 - 01:07 | |
| CVE-2007-2262 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in html/php/detail.php in Sinato jmuffin allow remote attackers to execute arbitrary PHP code via a URL in the (1) relPath and (2) folder parameters. NOTE: this product was originally reported as "F
|
16-10-2018 - 16:42 | 25-04-2007 - 17:19 | |
| CVE-2008-0656 | 10.0 |
Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.
|
15-10-2018 - 22:02 | 07-02-2008 - 21:00 | |
| CVE-2008-5217 | 5.1 |
Directory traversal vulnerability in index.php in txtCMS 0.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter.
|
29-09-2017 - 01:32 | 24-11-2008 - 17:30 |