| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-2988 | 7.5 |
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/cr
|
16-10-2018 - 16:46 | 01-06-2007 - 10:30 | |
| CVE-2016-5304 | 4.9 |
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vecto
|
03-09-2017 - 01:29 | 30-06-2016 - 23:59 | |
| CVE-2016-3652 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
03-09-2017 - 01:29 | 30-06-2016 - 23:59 | |
| CVE-2016-3653 | 6.0 |
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
|
03-09-2017 - 01:29 | 30-06-2016 - 23:59 | |
| CVE-2016-4337 | 7.5 |
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
|
19-04-2017 - 19:47 | 12-04-2017 - 22:59 |