MidnightBSD

Advisories for archangelmgt

CVE-2006-0944 HIGH

Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
archangelmgt weblog 0.90.02
CVE-2006-0945 MEDIUM

PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
archangelmgt weblog 0.90.02