Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
annuaire vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2005-1975
Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the id parameter to index.php, or the (2) site_id, (3) nom, (4) email, or (5) commentaire parameters in comme...
Annuaire 1two
Annuaire 1two 1.0
445
VMScore
CVE-2006-1433
Annuaire (Directory) 1.0 allows remote malicious users to obtain sensitive information via a direct request to include/lang-en.php, which reveals the full installation path.
Annuaire Directory 1.0
435
VMScore
CVE-2012-0899
Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote malicious users to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter.
Annuairephp Annuaire Php
1 EDB exploit
605
VMScore
CVE-2006-1434
Cross-site scripting (XSS) vulnerability in inscription.php in Annuaire (Directory) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the Comment Field (COMMENTAIRE parameter).
Annuaire Directory 1.0
755
VMScore
CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Annuaire 1two 2.2
1 EDB exploit
685
VMScore
CVE-2010-1921
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) annuaire.class.php, (2) droit.class.php, (3) collectivite.cla...
Openmairie Openannuaire 2.00
1 EDB exploit
685
VMScore
CVE-2010-1920
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to C...
Openmairie Openannuaire 2.00
1 EDB exploit
760
VMScore
CVE-2008-2995
Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote malicious users to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.
Phpeasydata Phpeasydata 1.5.4
2 EDB exploits
440
VMScore
CVE-2008-2994
Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php.
Phpeasydata Phpeasydata 1.5.4
2 EDB exploits
755
VMScore
CVE-2005-1222
cat_for_gen.php in Annuaire Netref 4.2 allows remote malicious users to execute arbitrary PHP code by setting the ad_direct parameter to reference cat_for_gen.php, then including the code in the m_for_racine parameter, which is then written to cat_for_gen.php.
Netref Netref 4.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started