| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-2108 | 7.5 |
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
|
15-02-2024 - 03:29 | 07-05-2008 - 21:20 | |
| CVE-2007-3567 | 7.5 |
MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
|
30-10-2018 - 16:25 | 05-07-2007 - 19:30 | |
| CVE-2006-2282 | 4.3 |
Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php.
|
18-10-2018 - 16:38 | 10-05-2006 - 02:14 | |
| CVE-2006-5905 | 6.4 |
Web Directory Pro allows remote attackers to (1) backup the database and obtain the backup via a direct request to admin/backup_db.php or (2) modify configuration via a direct request to admin/options.php.
|
17-10-2018 - 21:45 | 15-11-2006 - 15:07 | |
| CVE-2008-2107 | 7.5 |
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subse
|
11-10-2018 - 20:39 | 07-05-2008 - 21:20 | |
| CVE-2008-5815 | 7.5 |
SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-09-2017 - 01:32 | 02-01-2009 - 18:11 |