Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activeweb contentserver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3013
SQL injection vulnerability in activeWeb contentserver prior to 5.6.2964 allows remote authenticated users with edit permission to execute arbitrary SQL commands via the id parameter to admin/picture/picture_real_edit.asp, and probably other unspecified vectors.
Activeweb Contentserver
1 EDB exploit
NA
CVE-2007-3017
The WYSIWYG editor applet in activeWeb contentserver CMS prior to 5.6.2964 only filters malicious tags from articles sent to admin/applets/wysiwyg/rendereditor.asp, which allows remote authenticated users to inject arbitrary JavaScript via a request to admin/worklist/worklist_edi...
Activeweb Contentserver
1 EDB exploit
NA
CVE-2007-3014
Multiple cross-site scripting (XSS) vulnerabilities in activeWeb contentserver prior to 5.6.2964 allow remote malicious users to inject arbitrary web script or HTML via the msg parameter to (1) errors/rights.asp or (2) errors/transaction.asp, or (3) the name of a MIME type (mimet...
Activeweb Contentserver
2 EDB exploits
NA
CVE-2007-3018
activeWeb contentserver CMS prior to 5.6.2964 does not limit the file-creation ability of editors who have restricted accounts, which allows these editors to create files in arbitrary directories.
Activeweb Contentserver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started