Vulnerabilities > ARK WEB

DATE CVE VULNERABILITY TITLE RISK
2022-09-12 CVE-2022-38972 Cross-site Scripting vulnerability in Ark-Web A-Form
Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script.
network
low complexity
ark-web CWE-79
6.1
2017-12-01 CVE-2017-10899 SQL Injection vulnerability in Ark-Web A-Reserve 3.8.6
SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ark-web CWE-89
critical
9.8
2017-12-01 CVE-2017-10898 SQL Injection vulnerability in Ark-Web A-Member 3.8.6
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ark-web CWE-89
critical
9.8