| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1890 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. NOTE: vector 2 was later reported to af
|
18-10-2018 - 16:37 | 20-04-2006 - 10:02 | |
| CVE-2006-5474 | 7.5 |
The "forgot password" function in OneOrZero Helpdesk before 1.6.5.4 generates insecure passwords by concatenating the current timestamp with the username, which allows remote attackers to gain access as an arbitrary user by requesting a password rese
|
17-10-2018 - 21:43 | 24-10-2006 - 20:07 | |
| CVE-2008-1477 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in busca.php in eForum 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) busca and (2) link parameters.
|
11-10-2018 - 20:34 | 24-03-2008 - 22:44 | |
| CVE-2008-5641 | 7.5 |
SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
|
29-09-2017 - 01:32 | 17-12-2008 - 17:30 |