Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yektaweb academic web tools 1.4.3.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-2969
Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allows remote malicious users to read arbitrary files via a .. (dot dot) in the dfile parameter.
Yektaweb Academic Web Tools
Yektaweb Academic Web Tools 1.4.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-2968
SQL injection vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the book_id parameter.
Yektaweb Academic Web Tools
1 EDB exploit
7.5
CVSSv2
CVE-2008-2970
Multiple session fixation vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allow remote malicious users to hijack web sessions by setting the PHPSESSID parameter to (1) index.php and (2) login.php in homepg/.
Yektaweb Academic Web Tools
1 EDB exploit
6.4
CVSSv2
CVE-2008-2878
Open redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter.
Yektaweb Academic Web Tools
1 EDB exploit
4.3
CVSSv2
CVE-2008-2967
Multiple cross-site scripting (XSS) vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to login.php and the (2) glb_sid parameter to hta/htmlare...
Yektaweb Academic Web Tools
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started