Every CVE whose affected-product data names Ansel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2004-2203 — CVSS 7.5 (high): Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories.
CVE-2004-2266 — CVSS 7.5 (high): SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter.