Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-4838 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx
|
13-02-2023 - 02:16 | 31-12-2005 - 05:00 | |
CVE-2003-0060 | 7.5 |
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerbe
|
21-01-2020 - 15:44 | 19-02-2003 - 05:00 | |
CVE-2009-0185 | 9.3 |
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
|
30-10-2018 - 16:25 | 02-06-2009 - 18:30 | |
CVE-2006-2029 | 6.4 |
Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter in (a) preview.php; the (2) cid, (3) pid, and (4) eid parameters in (b) archive.php
|
18-10-2018 - 16:37 | 26-04-2006 - 00:06 | |
CVE-2008-6132 | 6.8 |
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.
|
29-09-2017 - 01:32 | 13-02-2009 - 18:30 | |
CVE-2008-6097 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before 1.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to index.php/Special/Main/keywordSearch, (2) revNum parameter to index.php/Edit/Main/
|
08-08-2017 - 01:33 | 09-02-2009 - 17:30 | |
CVE-2008-3060 | 5.0 |
V-webmail 1.5.0 allows remote attackers to obtain sensitive information via (1) malformed input in the login page (includes/local.hooks.php) and (2) an invalid session ID, which reveals the installation path in an error message.
|
08-08-2017 - 01:31 | 08-10-2008 - 00:00 | |
CVE-2008-3063 | 7.5 |
SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute arbitrary SQL commands via the username parameter.
|
08-08-2017 - 01:31 | 08-10-2008 - 00:00 | |
CVE-2008-3061 | 4.3 |
Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter.
|
08-08-2017 - 01:31 | 08-10-2008 - 00:09 |