Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2008-4784
- EPSS 2%
- Published 29.10.2008 14:22:38
- Last modified 09.04.2025 00:30:58
aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php.
4.3
CVE-2008-0398
- EPSS 1.82%
- Published 23.01.2008 12:00:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form.
1