| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1233 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
|
18-10-2018 - 16:31 | 14-03-2006 - 19:06 | |
| CVE-2007-4811 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via (1) the val parameter to alphabet.php in an alpha.albums action, or the PATH_INFO to (2) random.php or (3) admin/
|
15-10-2018 - 21:38 | 11-09-2007 - 18:17 | |
| CVE-2007-4804 | 7.5 |
Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171
|
29-09-2017 - 01:29 | 11-09-2007 - 18:17 | |
| CVE-2007-5840 | 6.8 |
PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2.
|
29-09-2017 - 01:29 | 06-11-2007 - 21:46 | |
| CVE-2014-8654 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway hardware 1.0 with firmware CH6640-3.5.11.7-NOSH allow remote attackers to hijack the authentication of administrators f
|
08-09-2017 - 01:29 | 06-11-2014 - 15:55 | |
| CVE-2007-1252 | 9.3 |
Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained fr
|
29-07-2017 - 01:30 | 03-03-2007 - 20:19 | |
| CVE-2003-1208 | 10.0 |
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FR
|
11-07-2017 - 01:29 | 03-12-2004 - 05:00 | |
| CVE-2007-5948 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters.
|
08-03-2011 - 03:01 | 14-11-2007 - 01:46 | |
| CVE-2007-5951 | 7.5 |
SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
08-03-2011 - 03:01 | 14-11-2007 - 01:46 | |
| CVE-2007-5952 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are
|
15-11-2008 - 07:02 | 14-11-2007 - 01:46 | |
| CVE-2007-4813 | 4.3 |
Cross-site scripting (XSS) vulnerability in Domino Blogsphere 3.01 Beta 7 allows remote attackers to inject arbitrary web script or HTML via the name field. NOTE: the provenance of this information is unknown; the details are obtained solely from th
|
15-11-2008 - 06:58 | 11-09-2007 - 18:17 |