Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ark vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2011-2676
The A-Form and A-Form bamboo prior to 1.3.6 and 2.x prior to 2.0.3, and A-Form PC and PC/Mobile prior to 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.
Ark-web A-form
Ark-web A-form 2.0.2
Ark-web A-form Pc
Ark-web A-form Pc Mobile
Ark-web A-form Bamboo 2.0.2
Ark-web A-form Bamboo 1.3.5
515
VMScore
CVE-2006-6086
PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the cfg_pear_path parameter.
E-ark E-ark 1.0
1 EDB exploit
605
VMScore
CVE-2007-5216
Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the cfg_vcard_path parameter to src/vcard_inc.php or (2) the cfg_phpmailer_path parameter to src/email_inc.php. NOTE: the ark_inc.php...
E-ark E-ark 1.0
383
VMScore
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
383
VMScore
CVE-2011-0459
Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and previous versions, 5.5 up to and including 5.5 patch 4, and 6.0 up to and including 6.0 patch 2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vect...
Cyber-ark Password Vault Web Access 5.5
Cyber-ark Password Vault Web Access 6.0
Cyber-ark Password Vault Web Access
Cyber-ark Password Vault Web Access 4.0
605
VMScore
CVE-2021-26635
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such a...
Bandisoft Ark Library
668
VMScore
CVE-2017-10898
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-member
668
VMScore
CVE-2017-10899
SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-reserve
NA
CVE-2022-38972
Cross-site scripting vulnerability in Movable Type plugin A-Form versions before 4.1.1 (for Movable Type 7 Series) and versions before 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated malicious user to inject an arbitrary script.
Ark-web A-form
668
VMScore
CVE-2021-38194
An issue exists in the ark-r1cs-std crate prior to 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mul_by_inverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified.
Arcworks Ark-r1cs-std
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »