Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2709
The AN_GradeBook WordPress plugin up to and including 5.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example i...
An Gradebook Project An Gradebook
NA
CVE-2023-2636
The AN_GradeBook WordPress plugin up to and including 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber
An Gradebook Project An Gradebook
1 Github repository
4.3
CVSSv2
CVE-2009-2224
Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the g_lang parameter.
An Guestbook An Guestbook 0.7.8
7.5
CVSSv2
CVE-2007-3217
Multiple PHP remote file inclusion vulnerabilities in Prototype of an PHP application 0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the path_inc parameter to (1) index.php in gestion/; (2) identification.php, (3) disconnect.php, (4) loginliste.php, (...
Prototype Of An Php Application Prototype Of An Php Application 0.1
12 EDB exploits
5
CVSSv2
CVE-2019-5927
Directory traversal vulnerability in 'an' App for iOS Version 3.2.0 and previous versions allows remote malicious users to read arbitrary files via unspecified vectors.
Weban An
4.3
CVSSv2
CVE-2002-2378
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote malicious users to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
Nakata An Httpd 1.41d
4.3
CVSSv2
CVE-2008-2414
Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote malicious users to inject arbitrary web script or HTML via the postid parameter.
Aguestbook An Guestbook 0.4
1 EDB exploit
NA
CVE-2024-22113
Open redirect vulnerability in Access analysis CGI An-Analyzer released in 2023 December 31 and previous versions allows a remote unauthenticated malicious user to redirect users to arbitrary websites and conduct phishing attacks via a specially crafted URL.
Anglers-net Cgi An-anlyzer
9
CVSSv2
CVE-2019-5987
Access analysis CGI An-Analyzer released in 2019 June 24 and previous versions allows remote authenticated malicious users to execute arbitrary OS commands via the Management Page.
Anglers-net Cgi An-anlyzer
4.3
CVSSv2
CVE-2009-3367
Multiple cross-site scripting (XSS) vulnerabilities in An image gallery 1.0 allow remote malicious users to inject arbitrary web script or HTML via the path parameter to (1) index.php and (2) main.php, and the (3) show parameter to main.php. NOTE: the provenance of this informati...
Plohni An Image Gallery 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »