| Max CVSS | 7.8 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1898 | 2.6 |
Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. NOTE: the "A
|
18-10-2018 - 16:37 | 20-04-2006 - 10:02 | |
| CVE-2006-5294 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in phplist before 2.10.3 allows remote attackers to inject arbitrary web script or HTML via the unsubscribeemail parameter. This vulnerability is addressed in the following product release:
PHPLi
|
17-10-2018 - 21:42 | 16-10-2006 - 18:07 | |
| CVE-2007-2790 | 6.8 |
Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the type parameter.
|
16-10-2018 - 16:45 | 22-05-2007 - 00:30 | |
| CVE-2008-0301 | 7.5 |
Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote attackers to execute arbitrary SQL commands via the gaz parameter to mod_gazetteer_edit.php and other unspecified vectors.
|
15-10-2018 - 21:59 | 11-03-2008 - 23:44 | |
| CVE-2008-5563 | 7.8 |
Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. http://secunia.com/advisories/33057
|
11-10-2018 - 20:56 | 15-12-2008 - 18:00 |