VYPR
Vendor

Archangelmgt

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2008-2356May 20, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter.

  • CVE-2007-2574May 9, 2007
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the index parameter.

  • CVE-2006-0944Mar 1, 2006
    risk 0.03cvss epss 0.04

    Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1.

  • CVE-2006-4091Aug 11, 2006
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Comment section.

  • CVE-2006-0945Mar 1, 2006
    risk 0.00cvss epss 0.01

    PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter.