| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-5448 | 7.5 |
The drmstor.dll ActiveX object in Microsoft Windows Digital Rights Management System (DRM) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long parameter to the StoreLicense function, which trigg
|
17-10-2018 - 21:42 | 23-10-2006 - 17:07 | |
| CVE-2007-2978 | 6.8 |
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
|
16-10-2018 - 16:46 | 01-06-2007 - 01:30 | |
| CVE-2008-1415 | 5.0 |
Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.
|
11-10-2018 - 20:33 | 20-03-2008 - 10:44 | |
| CVE-2008-1414 | 4.3 |
Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the tab parameter to (1) index.php, as demonstrated using mixed case and encoded whitespace char
|
11-10-2018 - 20:33 | 20-03-2008 - 10:44 | |
| CVE-2008-5597 | 5.0 |
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for db/cforum.mdb.
|
29-09-2017 - 01:32 | 16-12-2008 - 19:07 | |
| CVE-2006-1060 | 7.5 |
Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be all
|
20-07-2017 - 01:30 | 11-04-2006 - 10:02 |