| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-2269 | 4.3 |
Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag.
|
18-10-2018 - 16:38 | 09-05-2006 - 10:02 | |
| CVE-2006-5487 | 10.0 |
Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive.
|
17-10-2018 - 21:43 | 10-11-2006 - 22:07 | |
| CVE-2007-3555 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote attackers to inject arbitrary web script or HTML via a style expression in the search parameter, a different vulnerability than CVE-2004-1424.
|
15-10-2018 - 21:29 | 04-07-2007 - 15:30 | |
| CVE-2007-3556 | 5.0 |
Liesbeth base CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an include file containing account credentials via a direct request for config.inc.
|
15-10-2018 - 21:29 | 04-07-2007 - 15:30 | |
| CVE-2008-2096 | 6.8 |
SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php.
|
11-10-2018 - 20:39 | 07-05-2008 - 19:20 | |
| CVE-2008-5811 | 7.5 |
SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.
|
29-09-2017 - 01:32 | 02-01-2009 - 18:11 |