| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2002-0985 | 7.5 |
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and poss
|
13-02-2024 - 18:00 | 24-09-2002 - 04:00 | |
| CVE-2005-3955 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_
|
19-10-2018 - 15:39 | 01-12-2005 - 06:03 | |
| CVE-2007-0995 | 4.3 |
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
|
16-10-2018 - 16:36 | 26-02-2007 - 19:28 | |
| CVE-2005-4596 | 4.3 |
Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_rsRead parameter.
|
20-07-2017 - 01:29 | 31-12-2005 - 05:00 | |
| CVE-2005-4169 | 7.5 |
Multiple SQL injection vulnerabilities in eFiction 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) let parameter in a viewlist action to authors.php and (2) sid parameter to viewstory.php.
|
20-07-2017 - 01:29 | 11-12-2005 - 21:03 | |
| CVE-2005-3954 | 4.3 |
Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows remote attackers to inject arbitrary web script or HTML via the u parameter to index.php.
|
20-07-2017 - 01:29 | 01-12-2005 - 06:03 | |
| CVE-2005-3843 | 7.5 |
SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
|
11-07-2017 - 01:33 | 26-11-2005 - 22:03 | |
| CVE-2013-5785 | 7.5 |
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security an
|
28-01-2014 - 04:56 | 15-01-2014 - 16:11 | |
| CVE-2005-3852 | 7.5 |
SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
|
03-07-2013 - 14:48 | 27-11-2005 - 11:03 | |
| CVE-2005-3925 | 7.5 |
Multiple SQL injection vulnerabilities in Central Manchester CLC Helpdesk Issue Manager 0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) detail[], (2) orderdir, and (3) orderby parameters to find.php, and the (4) i
|
08-03-2011 - 02:27 | 30-11-2005 - 11:03 | |
| CVE-2005-3844 | 7.5 |
SQL injection vulnerability in phpWordPress PHP News and Article Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) poll and (2) category parameters to index.php, and (3) the ctg parameter in an archive action.
|
08-03-2011 - 02:27 | 26-11-2005 - 22:03 |