| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-5234 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php, (3) Cookie.php, (4) forms.php, (5) Groups.php, (6
|
07-08-2024 - 20:15 | 11-10-2006 - 01:07 | |
| CVE-2008-1171 | 6.8 |
Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) phpbb_login_chat.php. NOTE: CVE
|
07-08-2024 - 08:15 | 05-03-2008 - 23:44 | |
| CVE-2007-1693 | 7.8 |
The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application c
|
29-11-2018 - 15:46 | 17-05-2007 - 20:30 | |
| CVE-2008-5497 | 7.5 |
BandSite CMS 1.1.4 allows remote attackers to bypass authentication and gain administrative access by setting the login_auth cookie to true.
|
29-09-2017 - 01:32 | 12-12-2008 - 16:30 | |
| CVE-2005-4245 | 4.3 |
Cross-site scripting (XSS) vulnerability in search.php in Snipe Gallery 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
|
08-03-2011 - 02:27 | 14-12-2005 - 11:03 |