IDCVSSSummaryLast (major) updatePublished
CVE-2008-0398 4.3
Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form.
29-09-2017 - 01:30 23-01-2008 - 12:00
CVE-2008-4784 7.5
aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php.
29-09-2017 - 01:32 29-10-2008 - 14:22
Back to Top Mark selected
Back to Top