Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aweb vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-1700
Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote malicious users to bypass authentication.
Aweb Scripts Seller
2.6
CVSSv2
CVE-2006-1699
Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the banner parameter in view mode.
Aweb Banner Generator
1 EDB exploit
5.1
CVSSv2
CVE-2006-1612
Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) yname, (2) emailadd, (3) subject, and (4) comment parameters.
Aweb Labs Awebnews 1.0
5
CVSSv2
CVE-2006-1613
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
Aweb Labs Awebnews 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-1247
Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote malicious users to execute arbitrary PHP code via a URL in the path_to_news parameter to (1) listing.php or (2) visview.php.
Aweb Labs Awebnews 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2006-1637
Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) tname or (2) fpost parameters to (a) post.php; (3) fullname, (4) emailadd, (5) country, (6) sig, or (7) otherav parameters to (b) edit...
Aweb Labs Awebbb 1.2
5.1
CVSSv2
CVE-2006-1638
Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or...
Aweb Labs Awebbb 1.2
7.5
CVSSv2
CVE-2016-10114
SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension prior to 2.6.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.
Awebsupport Aweb Cart Watching System For Virtuemart 2.6.0
5
CVSSv2
CVE-2004-1990
Aldo's Web Server (aweb) 1.5 allows remote malicious users to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.
Aldo Vargas Aldos Web Server 1.5
5
CVSSv2
CVE-2004-1991
Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote malicious users to view arbitrary files via a .. (dot dot) in an HTTP GET request.
Aldostools Aldo\\'s Web Server 1.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started