Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aj-fork vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1571
AJ-Fork 167 allows remote malicious users to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-dis...
Aj-fork Aj-fork 167
NA
CVE-2004-1572
AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote malicious users to list files in those directories via a direct HTTP request.
Aj-fork Aj-fork 167
NA
CVE-2006-6546
PHP remote file inclusion vulnerability in inc/shows.inc.php in cutenews aj-fork (CN:AJ) 167f and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the cutepath parameter.
Cutenews Aj-fork Cutenews Aj-fork Beta
1 EDB exploit
NA
CVE-2004-1573
The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator.
Cutephp Cutenews 0.88
Cutephp Cutenews 1.3
Cutephp Cutenews 1.3.1
Cutephp Cutenews 1.3.2
Cutephp Cutenews 1.3.6
Aj-fork Aj-fork 167
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started