Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aweb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1700
Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote malicious users to bypass authentication.
Aweb Scripts Seller
NA
CVE-2006-1699
Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the banner parameter in view mode.
Aweb Banner Generator
1 EDB exploit
NA
CVE-2006-1612
Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) yname, (2) emailadd, (3) subject, and (4) comment parameters.
Aweb Labs Awebnews 1.0
NA
CVE-2006-1613
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
Aweb Labs Awebnews 1.0
1 EDB exploit
NA
CVE-2007-1247
Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote malicious users to execute arbitrary PHP code via a URL in the path_to_news parameter to (1) listing.php or (2) visview.php.
Aweb Labs Awebnews 1.5
1 EDB exploit
NA
CVE-2006-1638
Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or...
Aweb Labs Awebbb 1.2
NA
CVE-2006-1637
Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) tname or (2) fpost parameters to (a) post.php; (3) fullname, (4) emailadd, (5) country, (6) sig, or (7) otherav parameters to (b) edit...
Aweb Labs Awebbb 1.2
9.8
CVSSv3
CVE-2016-10114
SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension prior to 2.6.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.
Awebsupport Aweb Cart Watching System For Virtuemart 2.6.0
NA
CVE-2004-1990
Aldo's Web Server (aweb) 1.5 allows remote malicious users to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.
Aldo Vargas Aldos Web Server 1.5
NA
CVE-2004-1991
Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote malicious users to view arbitrary files via a .. (dot dot) in an HTTP GET request.
Aldostools Aldo\\'s Web Server 1.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started