Archangelmgt Weblog vulnerabilities
4 known vulnerabilities affecting archangelmgt/weblog.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2006-0944P3HIGHCVSS 7.5PoCv0.90.022006-03-01
CVE-2006-0944 [HIGH] CVE-2006-0944: Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin co
Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1.
nvd
CVE-2007-2574P4MEDIUMCVSS 5.0PoCv0.90.022007-05-09
CVE-2007-2574 [MEDIUM] CVE-2007-2574: Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers t
Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the index parameter.
nvd
CVE-2006-0945P4MEDIUMCVSS 6.5v0.90.022006-03-01
CVE-2006-0945 [MEDIUM] CWE-94 CVE-2006-0945: PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote a
PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter.
nvd
CVE-2006-4091P4MEDIUMCVSS 4.3v0.90.022006-08-11
CVE-2006-4091 [MEDIUM] CVE-2006-4091: Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02
Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Comment section.
nvd