| Max CVSS | 9.3 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-2645 | 7.5 |
PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execute arbitrary code via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version
|
18-10-2018 - 16:41 | 30-05-2006 - 10:02 | |
| CVE-2006-6349 | 7.5 |
Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/mainpage/view.asp) in default.asp or (2) a query in the
|
17-10-2018 - 21:47 | 07-12-2006 - 01:28 | |
| CVE-2008-3033 | 9.3 |
RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flu
|
11-10-2018 - 20:45 | 07-07-2008 - 18:41 | |
| CVE-2008-3034 | 7.5 |
Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
|
11-10-2018 - 20:45 | 07-07-2008 - 18:41 | |
| CVE-2007-4210 | 7.5 |
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGC
|
29-07-2017 - 01:32 | 08-08-2007 - 02:17 |