Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
annuaire vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1975
Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the id parameter to index.php, or the (2) site_id, (3) nom, (4) email, or (5) commentaire parameters in comme...
Annuaire 1two
Annuaire 1two 1.0
NA
CVE-2012-0899
Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote malicious users to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter.
Annuairephp Annuaire Php
1 EDB exploit
NA
CVE-2006-1434
Cross-site scripting (XSS) vulnerability in inscription.php in Annuaire (Directory) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the Comment Field (COMMENTAIRE parameter).
Annuaire Directory 1.0
NA
CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Annuaire 1two 2.2
1 EDB exploit
NA
CVE-2006-1433
Annuaire (Directory) 1.0 allows remote malicious users to obtain sensitive information via a direct request to include/lang-en.php, which reveals the full installation path.
Annuaire Directory 1.0
NA
CVE-2010-1921
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) annuaire.class.php, (2) droit.class.php, (3) collectivite.cla...
Openmairie Openannuaire 2.00
1 EDB exploit
NA
CVE-2010-1920
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to C...
Openmairie Openannuaire 2.00
1 EDB exploit
NA
CVE-2008-2995
Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote malicious users to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.
Phpeasydata Phpeasydata 1.5.4
2 EDB exploits
NA
CVE-2008-2994
Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php.
Phpeasydata Phpeasydata 1.5.4
2 EDB exploits
NA
CVE-2005-1222
cat_for_gen.php in Annuaire Netref 4.2 allows remote malicious users to execute arbitrary PHP code by setting the ad_direct parameter to reference cat_for_gen.php, then including the code in the m_for_racine parameter, which is then written to cat_for_gen.php.
Netref Netref 4.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started