| Max CVSS | 10.0 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1123 | 10.0 |
SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.
|
18-10-2018 - 16:30 | 09-03-2006 - 21:02 | |
| CVE-2006-1122 | 6.8 |
Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
|
18-10-2018 - 16:30 | 09-03-2006 - 21:02 | |
| CVE-2006-4745 | 3.6 |
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 | |
| CVE-2007-1984 | 7.5 |
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter.
|
16-10-2018 - 16:41 | 12-04-2007 - 01:19 | |
| CVE-2008-0382 | 7.5 |
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
|
15-10-2018 - 21:59 | 22-01-2008 - 20:00 | |
| CVE-2008-4921 | 7.5 |
board/admin/reguser.php in Chipmunk CMS 1.3 allows remote attackers to bypass authentication and gain administrator privileges via a direct request. NOTE: some of these details are obtained from third party information.
|
29-09-2017 - 01:32 | 04-11-2008 - 21:00 |