| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-7146 | 7.5 |
PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280.
|
17-05-2024 - 00:32 | 07-03-2007 - 20:19 | |
| CVE-2006-0469 | 4.3 |
Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG tag.
|
19-10-2018 - 15:44 | 30-01-2006 - 18:03 | |
| CVE-2006-4131 | 7.5 |
Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service)
|
17-10-2018 - 21:33 | 14-08-2006 - 23:04 | |
| CVE-2006-4132 | 5.0 |
ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948.
|
17-10-2018 - 21:33 | 14-08-2006 - 23:04 | |
| CVE-2007-5361 | 8.5 |
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows r
|
15-10-2018 - 21:44 | 20-11-2007 - 19:46 | |
| CVE-2008-2268 | 4.3 |
Open redirect vulnerability in interface/redirect.htm.php in Mjguest 6.7 GT Rev.01 allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter in a redirect action to mjg
|
11-10-2018 - 20:40 | 16-05-2008 - 12:54 | |
| CVE-2008-2198 | 6.8 |
PHP remote file inclusion vulnerability in kmitaadmin/kmitat/htmlcode.php in Kmita Tellfriend 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
|
11-10-2018 - 20:39 | 14-05-2008 - 17:20 | |
| CVE-2008-2178 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the searchTerms parameter in an editArticleCategories operation (aka an admin category search).
|
11-10-2018 - 20:39 | 13-05-2008 - 22:20 | |
| CVE-2008-2187 | 4.3 |
Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote attackers to inject arbitrary web script or HTML via the level parameter in a redirect action, possibly involving interface/redirect.htm.php.
|
11-10-2018 - 20:39 | 13-05-2008 - 22:20 | |
| CVE-2008-2199 | 6.8 |
PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode.php in Kmita Mail 3.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
|
11-10-2018 - 20:39 | 14-05-2008 - 17:20 | |
| CVE-2008-2191 | 6.8 |
SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and earlier for PostNuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a display_term action to index.php.
|
11-10-2018 - 20:39 | 14-05-2008 - 17:20 | |
| CVE-2008-2176 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/category.php in Zomplog 3.8.2 allows remote attackers to inject arbitrary web script or HTML via the catname parameter.
|
11-10-2018 - 20:39 | 13-05-2008 - 22:20 | |
| CVE-2008-2188 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php, and the (3) bookName, (4) bookMetaTags, and (5)
|
11-10-2018 - 20:39 | 13-05-2008 - 22:20 | |
| CVE-2008-2196 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
|
11-10-2018 - 20:39 | 14-05-2008 - 17:20 | |
| CVE-2008-2189 | 6.8 |
SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
11-10-2018 - 20:39 | 14-05-2008 - 17:20 | |
| CVE-2008-2190 | 6.8 |
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also af
|
11-10-2018 - 20:39 | 14-05-2008 - 17:20 | |
| CVE-2011-2577 | 7.8 |
Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP
|
09-10-2018 - 19:32 | 31-08-2011 - 23:55 | |
| CVE-2008-4526 | 10.0 |
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php
|
29-09-2017 - 01:32 | 09-10-2008 - 18:14 |