Filtered by vendor Pluxml
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3432 | 1 Pluxml | 1 Pluxml | 2018-10-16 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename. | |||||
| CVE-2007-3542 | 1 Pluxml | 1 Pluxml | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2012-4675 | 1 Pluxml | 1 Pluxml | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update. | |||||
| CVE-2012-2227 | 1 Pluxml | 1 Pluxml | 2017-08-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | |||||
| CVE-2012-4674 | 1 Pluxml | 1 Pluxml | 2012-08-27 | 5.0 MEDIUM | N/A |
| PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID. | |||||