CVE List

Id CVE No. Status Description Phase Votes Comments Actions
95723  CVE-2016-8903  Candidate  SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter.  Assigned (20161024)  None (candidate not yet proposed)    View
30443  CVE-2008-0326  Candidate  SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php.  Assigned (20080117)  None (candidate not yet proposed)    View
95979  CVE-2016-9159  Candidate  A vulnerability in SIEMENS SIMATIC S7-300 PN CPUs (all versions including V3.2.12) and SIMATIC S7-400 PN CPUs (all versions including V7) could allow a remote attacker to obtain credentials from the PLC if protection-level 2 is configured on the affected devices.  Assigned (20161103)  None (candidate not yet proposed)    View
30699  CVE-2008-0582  Candidate  Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through (1) the SkypeFind dialog and (2) a skype:?skypefind URI for the skype: URI handler.  Assigned (20080204)  None (candidate not yet proposed)    View
96235  CVE-2016-9415  Candidate  MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."  Assigned (20161117)  None (candidate not yet proposed)    View

Page 19331 of 20943, showing 5 records out of 104715 total, starting on record 96651, ending on 96655

Actions