Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ark-web vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-2676
The A-Form and A-Form bamboo prior to 1.3.6 and 2.x prior to 2.0.3, and A-Form PC and PC/Mobile prior to 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.
Ark-web A-form
Ark-web A-form 2.0.2
Ark-web A-form Pc
Ark-web A-form Pc Mobile
Ark-web A-form Bamboo 2.0.2
Ark-web A-form Bamboo 1.3.5
NA
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
6.1
CVSSv3
CVE-2022-38972
Cross-site scripting vulnerability in Movable Type plugin A-Form versions before 4.1.1 (for Movable Type 7 Series) and versions before 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated malicious user to inject an arbitrary script.
Ark-web A-form
9.8
CVSSv3
CVE-2017-10898
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-member
9.8
CVSSv3
CVE-2017-10899
SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-reserve
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started