| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1891 | 4.3 |
Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a dis
|
18-10-2018 - 16:37 | 20-04-2006 - 10:02 | |
| CVE-2006-5476 | 7.5 |
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
|
17-10-2018 - 21:43 | 24-10-2006 - 20:07 | |
| CVE-2008-0125 | 4.3 |
Cross-site scripting (XSS) vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter.
|
15-10-2018 - 21:58 | 24-03-2008 - 22:44 | |
| CVE-2008-5604 | 6.8 |
Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
|
29-09-2017 - 01:32 | 16-12-2008 - 19:07 |