Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-2224
Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the g_lang parameter.
An Guestbook An Guestbook 0.7.8
NA
CVE-2023-2636
The AN_GradeBook WordPress plugin up to and including 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber
An Gradebook Project An Gradebook
1 Github repository
NA
CVE-2023-2709
The AN_GradeBook WordPress plugin up to and including 5.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example i...
An Gradebook Project An Gradebook
7.5
CVSSv2
CVE-2007-3217
Multiple PHP remote file inclusion vulnerabilities in Prototype of an PHP application 0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the path_inc parameter to (1) index.php in gestion/; (2) identification.php, (3) disconnect.php, (4) loginliste.php, (...
Prototype Of An Php Application Prototype Of An Php Application 0.1
12 EDB exploits
5
CVSSv2
CVE-2019-5927
Directory traversal vulnerability in 'an' App for iOS Version 3.2.0 and previous versions allows remote malicious users to read arbitrary files via unspecified vectors.
Weban An
4.3
CVSSv2
CVE-2008-2414
Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote malicious users to inject arbitrary web script or HTML via the postid parameter.
Aguestbook An Guestbook 0.4
1 EDB exploit
4.3
CVSSv2
CVE-2002-2378
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote malicious users to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
Nakata An Httpd 1.41d
9
CVSSv2
CVE-2019-5987
Access analysis CGI An-Analyzer released in 2019 June 24 and previous versions allows remote authenticated malicious users to execute arbitrary OS commands via the Management Page.
Anglers-net Cgi An-anlyzer
5
CVSSv2
CVE-2019-5990
Access analysis CGI An-Analyzer released in 2019 June 24 and previous versions allow remote malicious users to obtain a login password via HTTP referer.
Anglers-net Cgi An-anlyzer
NA
CVE-2024-22113
Open redirect vulnerability in Access analysis CGI An-Analyzer released in 2023 December 31 and previous versions allows a remote unauthenticated malicious user to redirect users to arbitrary websites and conduct phishing attacks via a specially crafted URL.
Anglers-net Cgi An-anlyzer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »