Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aj-fork aj-fork 167 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2004-1571
AJ-Fork 167 allows remote malicious users to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-dis...
Aj-fork Aj-fork 167
445
VMScore
CVE-2004-1572
AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote malicious users to list files in those directories via a direct HTTP request.
Aj-fork Aj-fork 167
641
VMScore
CVE-2004-1573
The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator.
Cutephp Cutenews 0.88
Cutephp Cutenews 1.3
Cutephp Cutenews 1.3.1
Cutephp Cutenews 1.3.2
Cutephp Cutenews 1.3.6
Aj-fork Aj-fork 167
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started