Lucene search
Aflog Security Vulnerabilities
cve
aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4)...
7.4AI Score
0.018EPSS
2008-10-29 02:22 PM
26
cve
Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to comments.php and (2) an unspecified parameter to...
9.5AI Score
0.002EPSS
2008-01-23 12:00 PM
13
cve
Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment...
6.4AI Score
0.002EPSS
2008-01-23 12:00 PM
14