| Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-3092 | 9.3 |
Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be levera
|
13-12-2021 - 18:54 | 06-06-2007 - 21:30 | |
| CVE-2007-3091 | 7.1 |
Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions
|
23-07-2021 - 15:05 | 06-06-2007 - 21:30 | |
| CVE-2006-1992 | 2.6 |
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of
|
23-07-2021 - 15:03 | 25-04-2006 - 01:02 | |
| CVE-2003-1554 | 4.3 |
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.
|
19-10-2018 - 15:29 | 31-12-2003 - 05:00 | |
| CVE-2003-1555 | 5.0 |
ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message.
|
19-10-2018 - 15:29 | 31-12-2003 - 05:00 | |
| CVE-2006-5537 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection p
|
17-10-2018 - 21:43 | 26-10-2006 - 17:07 | |
| CVE-2006-5536 | 5.0 |
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter.
|
17-10-2018 - 21:43 | 26-10-2006 - 17:07 | |
| CVE-2007-3089 | 4.3 |
Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript cod
|
16-10-2018 - 16:47 | 06-06-2007 - 21:30 | |
| CVE-2008-0591 | 4.3 |
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by
|
15-10-2018 - 22:01 | 09-02-2008 - 00:00 | |
| CVE-2008-5628 | 6.8 |
SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter.
|
29-09-2017 - 01:32 | 17-12-2008 - 17:30 |