Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anelectron advanced electron forum vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-13000
An XSS issue exists in Advanced Electron Forum (AEF) v1.0.9. A persistent XSS vulnerability is located in the `FTP Link` element of the `Private Message` module. The editor of the private message module allows inserting links without sanitizing the content. This allows remote mal...
Anelectron Advanced Electron Forum 1.0.9
NA
CVE-2011-3700
Advanced Electron Forum (AEF) 1.0.8 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by languages/english/deletetopic_lang.php.
Anelectron Advanced Electron Forum 1.0.8
NA
CVE-2009-2545
SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are ob...
Anelectron Advanced Electron Forum 1.0.7
Anelectron Advanced Electron Forum 1.0.8
Anelectron Advanced Electron Forum 1.0.5
Anelectron Advanced Electron Forum 1.0.6
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.2
NA
CVE-2009-2546
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote malicious users to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provena...
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.7
Anelectron Advanced Electron Forum 1.0.8
Anelectron Advanced Electron Forum 1.0.5
Anelectron Advanced Electron Forum 1.0.6
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum 1.0.4
NA
CVE-2008-5090
Electron Inc. Advanced Electron Forum prior to 1.0.7 allows remote malicious users to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum
Anelectron Advanced Electron Forum 1.0.5
1 EDB exploit
NA
CVE-2008-1983
Cross-site scripting (XSS) vulnerability in Advanced Electron Forum (AEF) 1.0.6 allows remote malicious users to inject arbitrary web script or HTML via the beg parameter in a members action to index.php.
Anelectron Advanced Electron Forum 1.0.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started