| Max CVSS | 7.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-3194 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggie_root_path parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classe
|
07-08-2024 - 14:15 | 12-06-2007 - 23:30 | |
| CVE-2008-4122 | 5.0 |
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
|
25-01-2024 - 20:55 | 19-12-2008 - 17:30 | |
| CVE-2006-2023 | 5.0 |
Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a large HTTP Content-Length value, which leads to an invalid memory access.
|
18-10-2018 - 16:37 | 25-04-2006 - 20:06 | |
| CVE-2006-2022 | 7.5 |
Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL.
|
18-10-2018 - 16:37 | 25-04-2006 - 20:06 | |
| CVE-2006-5615 | 7.5 |
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
|
17-10-2018 - 21:43 | 31-10-2006 - 01:07 | |
| CVE-2008-1546 | 7.8 |
servlet/MIMEReceiveServlet in the web controller for Mitsubishi Electric GB-50 and GB-50A air-conditioning control systems allows remote attackers to cause a denial of service (air-conditioning outage) via an XML document containing a setRequest comm
|
11-10-2018 - 20:35 | 28-03-2008 - 23:44 |