index2.php in ACGVannu 1.3 and earlier allows remote attackers to change the password or profile of a user via a modified id parameter, related to templates/modif.html. NOTE: some of these details are obtained from third party information.
6.8AI Score
0.05EPSS
Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the id_mod parameter to templates/modif.html, and other unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from thir...
8.2AI Score
0.002EPSS
Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rubrik parameter.
6.7AI Score
0.017EPSS