| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9833 | 7.8 |
/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on o
|
05-08-2024 - 18:15 | 24-06-2017 - 02:29 | |
| CVE-2015-2843 | 7.5 |
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_
|
09-10-2018 - 19:56 | 12-05-2015 - 19:59 | |
| CVE-2015-2845 | 10.0 |
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.
|
09-10-2018 - 19:56 | 12-05-2015 - 19:59 | |
| CVE-2017-10688 | 5.0 |
In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack.
|
22-03-2018 - 01:29 | 29-06-2017 - 23:29 | |
| CVE-2007-4032 | 6.8 |
Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file.
|
29-09-2017 - 01:29 | 27-07-2007 - 22:30 | |
| CVE-2017-9834 | 7.5 |
SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.
|
18-09-2017 - 17:01 | 07-09-2017 - 14:29 |