| Max CVSS | 7.6 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1897 | 5.0 |
Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote (') or possibly other invalid value in the storeid parameter in store.wml i
|
18-10-2018 - 16:37 | 20-04-2006 - 10:02 | |
| CVE-2006-5459 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) $_ENGINE[eng_dir] and possibly (2) spaw_root parameters in admin/includes/spaw/spaw_scri
|
17-10-2018 - 21:43 | 23-10-2006 - 17:07 | |
| CVE-2007-2968 | 4.3 |
Cross-site scripting (XSS) vulnerability in register.php in cpCommerce 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter (Full Name field).
|
16-10-2018 - 16:46 | 01-06-2007 - 01:30 | |
| CVE-2008-1461 | 7.6 |
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controll
|
11-10-2018 - 20:34 | 24-03-2008 - 18:44 | |
| CVE-2008-5602 | 5.0 |
Natterchat 1.12 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for natterchat112.mdb.
|
29-09-2017 - 01:32 | 16-12-2008 - 19:07 |