| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1657 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the "Login Log" page.
|
18-10-2018 - 16:33 | 07-04-2006 - 10:04 | |
| CVE-2006-5385 | 7.5 |
PHP remote file inclusion vulnerability in admin/admin_spam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
|
17-10-2018 - 21:42 | 18-10-2006 - 19:07 | |
| CVE-2007-0692 | 5.0 |
DGNews 2.1 allows remote attackers to obtain sensitive information via a fullnews request to news.php with an invalid newsid parameter, and other unspecified vectors, which reveal the path in various error messages.
|
16-10-2018 - 16:33 | 30-05-2007 - 20:30 | |
| CVE-2008-1337 | 5.0 |
The instant message service in Timbuktu Pro 8.6.5 RC 229 and earlier for Windows allows remote attackers to cause (1) a denial of service (daemon crash) via an invalid Version field or (2) a denial of service (CPU consumption and daemon termination)
|
11-10-2018 - 20:31 | 14-03-2008 - 20:44 | |
| CVE-2008-1117 | 10.0 |
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, allows remote attackers to upload files to arbitrary locations via a destinat
|
11-10-2018 - 20:29 | 14-03-2008 - 20:44 | |
| CVE-2008-5573 | 7.5 |
SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters.
|
29-09-2017 - 01:32 | 15-12-2008 - 18:00 |