| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-1549 | 4.3 |
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
|
19-10-2018 - 15:29 | 31-12-2003 - 05:00 | |
| CVE-2003-1548 | 5.0 |
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message.
|
19-10-2018 - 15:29 | 31-12-2003 - 05:00 | |
| CVE-2006-1802 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in TinyWebGallery 1.3 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the twg_album parameter.
|
18-10-2018 - 16:36 | 18-04-2006 - 10:02 | |
| CVE-2006-5246 | 5.0 |
Eazy Cart allows remote attackers to change prices and other critical fields via unspecified vectors to easycart.php, probably including the price parameter. NOTE: some details are obtained from third party information.
|
17-10-2018 - 21:41 | 12-10-2006 - 00:07 | |
| CVE-2006-5245 | 7.5 |
Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/.
|
17-10-2018 - 21:41 | 12-10-2006 - 00:07 | |
| CVE-2006-5247 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the (1) des and (2) qty parameters in an add action, and via other unspecified vector
|
17-10-2018 - 21:41 | 12-10-2006 - 00:07 | |
| CVE-2008-5491 | 7.5 |
SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter.
|
29-09-2017 - 01:32 | 12-12-2008 - 16:30 |