Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
annuaire vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-1975
Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the id parameter to index.php, or the (2) site_id, (3) nom, (4) email, or (5) commentaire parameters in comme...
Annuaire 1two
Annuaire 1two 1.0
4.3
CVSSv2
CVE-2012-0899
Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote malicious users to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter.
Annuairephp Annuaire Php
1 EDB exploit
5
CVSSv2
CVE-2006-1433
Annuaire (Directory) 1.0 allows remote malicious users to obtain sensitive information via a direct request to include/lang-en.php, which reveals the full installation path.
Annuaire Directory 1.0
6.8
CVSSv2
CVE-2006-1434
Cross-site scripting (XSS) vulnerability in inscription.php in Annuaire (Directory) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the Comment Field (COMMENTAIRE parameter).
Annuaire Directory 1.0
7.5
CVSSv2
CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Annuaire 1two 2.2
1 EDB exploit
6.8
CVSSv2
CVE-2010-1920
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to C...
Openmairie Openannuaire 2.00
1 EDB exploit
6.8
CVSSv2
CVE-2010-1921
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) annuaire.class.php, (2) droit.class.php, (3) collectivite.cla...
Openmairie Openannuaire 2.00
1 EDB exploit
7.5
CVSSv2
CVE-2008-2995
Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote malicious users to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.
Phpeasydata Phpeasydata 1.5.4
2 EDB exploits
4.3
CVSSv2
CVE-2008-2994
Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php.
Phpeasydata Phpeasydata 1.5.4
2 EDB exploits
7.5
CVSSv2
CVE-2005-1222
cat_for_gen.php in Annuaire Netref 4.2 allows remote malicious users to execute arbitrary PHP code by setting the ad_direct parameter to reference cat_for_gen.php, then including the code in the m_for_racine parameter, which is then written to cat_for_gen.php.
Netref Netref 4.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started