CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Aflog: Security Vulnerabilities

CVE-2008-4784

aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php.

CVSS Score

7.5

EPSS Score

0.02

Published

2008-10-29

CVE-2008-0398

Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form.

CVSS Score

4.3

EPSS Score

0.018

Published

2008-01-23

Page 1

Vulnerabilities

Vulnerable Software

Aflog: Security Vulnerabilities

Products

Pricing

Contact Us