CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cm_imgpath parameter.
Unrestricted file upload vulnerability in src/yopy_upload.php in Project-Based Calendaring System (PBCS) 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads.
Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) src/yopy_sync.php and (2) system-logger/print_logs.php.
Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.
Maianaffiliate, Maian_cart, Maian_gallery, Maian_greeting, Maian_greetings, Maian_guestbook, Maian_links, Maian_music, Maian_recipe, Maian_search
2018-10-11
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Links 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.
Maianaffiliate, Maian_cart, Maian_gallery, Maian_greeting, Maian_greetings, Maian_guestbook, Maian_links, Maian_music, Maian_recipe, Maian_search
2018-10-11
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_adminheader, (2) msg_adminheader2, (3) msg_adminheader3, (4) msg_adminheader4, and unspecified other parameters to admin/inc/header.php; the (5) msg_script3 and unspecified other parameters to admin/inc/footer.php; and the (6) keywords parameter to index.php in a search action.
Maianaffiliate, Maian_cart, Maian_gallery, Maian_greeting, Maian_greetings, Maian_guestbook, Maian_links, Maian_music, Maian_recipe, Maian_search
2018-10-11
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Guestbook 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.
Maianaffiliate, Maian_cart, Maian_gallery, Maian_greeting, Maian_greetings, Maian_guestbook, Maian_links, Maian_music, Maian_recipe, Maian_search
2018-10-11
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in Maian Support 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script, (2) msg_script2, and (3) msg_script3 parameters to admin/inc/footer.php; and the (4) msg_script2 parameter to admin/inc/header.php.
Maianaffiliate, Maian_cart, Maian_gallery, Maian_greeting, Maian_greetings, Maian_guestbook, Maian_links, Maian_music, Maian_recipe, Maian_search
2018-10-11
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script and (2) msg_script2 parameters.
Maianaffiliate, Maian_cart, Maian_gallery, Maian_greeting, Maian_greetings, Maian_guestbook, Maian_links, Maian_music, Maian_recipe, Maian_search
2018-10-11
N/A
N/A
SQL injection vulnerability in index.php in Maian Greeting 2.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action.