Vulnerabilities > Archangelmgt
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-05-20 | CVE-2008-2356 | SQL Injection vulnerability in Archangelmgt Archangel Weblog SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter. | 7.5 |
2007-05-09 | CVE-2007-2574 | Denial-Of-Service vulnerability in Archangelmgt Weblog 0.90.02 Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-08-11 | CVE-2006-4091 | HTML Injection vulnerability in Archangelmgt Weblog 0.90.02 Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Comment section. network archangelmgt | 4.3 |
2006-03-01 | CVE-2006-0945 | Code Injection vulnerability in Archangelmgt Weblog 0.90.02 PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter. | 6.5 |
2006-03-01 | CVE-2006-0944 | Authentication Bypass vulnerability in Archangelmgt Weblog 0.90.02 Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1. | 7.5 |