| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-4181 | 6.8 |
PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerabil
|
07-08-2024 - 15:15 | 08-08-2007 - 01:17 | |
| CVE-2007-4180 | 5.0 |
Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter. NOTE: CVE and a reliable third party dispute this
|
07-08-2024 - 15:15 | 08-08-2007 - 01:17 | |
| CVE-2006-2637 | 4.3 |
Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) Morris Guestbook 1, (2) Pretty Guestbook 1, and (3) Smile Guestbook 1 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an
|
18-10-2018 - 16:41 | 30-05-2006 - 10:02 | |
| CVE-2006-6340 | 5.0 |
keystone.exe in nVIDIA nView allows attackers to cause a denial of service via a long command line argument. NOTE: it is not clear whether this issue crosses security boundaries. If not, then this is not a vulnerability.
|
17-10-2018 - 21:47 | 07-12-2006 - 01:28 | |
| CVE-2008-2796 | 7.5 |
SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
29-09-2017 - 01:31 | 20-06-2008 - 11:48 |