Total
2926 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1617 | 1 Teraway | 1 Linktracker | 2017-09-28 | 7.5 HIGH | N/A |
| Teraway LinkTracker 1.0 allows remote attackers to bypass authentication and gain administrative access via a userid=1&lvl=1 value for the twLTadmin cookie. | |||||
| CVE-2009-1549 | 1 Agtc | 1 Agtc Myshop | 2017-09-28 | 7.5 HIGH | N/A |
| AGTC MyShop 3.2b allows remote attackers to bypass authentication and obtain administrative access setting the log_accept cookie to "correcto." | |||||
| CVE-2008-6723 | 1 Turnkeyforms | 1 Entertainment Portal | 2017-09-28 | 7.5 HIGH | N/A |
| TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator. | |||||
| CVE-2008-7006 | 1 Phpversion | 1 Php Vx Guestbook | 2017-09-28 | 5.0 MEDIUM | N/A |
| Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php. | |||||
| CVE-2008-7007 | 1 Phpversion | 1 Php Vx Guestbook | 2017-09-28 | 7.5 HIGH | N/A |
| Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1. | |||||
| CVE-2008-7019 | 1 Esqlanelapse | 1 Esqlanelapse | 2017-09-28 | 7.5 HIGH | N/A |
| Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies. | |||||
| CVE-2008-7027 | 1 Libra File Manager | 1 Php Filemanager | 2017-09-28 | 7.5 HIGH | N/A |
| Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1. | |||||
| CVE-2008-6664 | 1 Yarck | 1 Sh-news | 2017-09-28 | 7.5 HIGH | N/A |
| action.php in SH-News 3.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the shuser and shpass cookies to non-zero values. | |||||
| CVE-2008-7156 | 1 Ekinboard | 1 Ekinboard | 2017-09-28 | 6.8 MEDIUM | N/A |
| EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php. | |||||
| CVE-2008-6717 | 1 Uochm | 1 Signup | 2017-09-28 | 7.5 HIGH | N/A |
| U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) adminstart.php, (2) admineventtype.php, (3) admineventdetails.php, (4) admineventlist.php, (5) adminuserslist.php, (6) adminleaderslist.php, (7) admindatabase.php, and possibly (8) index.php. | |||||
| CVE-2008-7028 | 1 Aves | 1 Rpg Board | 2017-09-28 | 7.5 HIGH | N/A |
| RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value. | |||||
| CVE-2008-6716 | 1 Preprojects | 1 Pre Ads Portal | 2017-09-28 | 7.5 HIGH | N/A |
| homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. | |||||
| CVE-2008-6581 | 1 Phpaddedit | 1 Phpaddedit | 2017-09-28 | 7.5 HIGH | N/A |
| login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the addedit cookie parameter. | |||||
| CVE-2008-6738 | 1 Mark Girling | 1 Myshoutpro | 2017-09-28 | 7.5 HIGH | N/A |
| MyShoutPro 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin_access cookie to 1. | |||||
| CVE-2008-7179 | 1 Otmanager | 1 Otmanager Cms | 2017-09-28 | 7.5 HIGH | N/A |
| OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php. | |||||
| CVE-2008-7124 | 1 Zkup | 1 Zkup | 2017-09-28 | 7.5 HIGH | N/A |
| zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator. | |||||
| CVE-2008-7041 | 1 Ajsquare | 1 Aj Classifieds | 2017-09-28 | 7.5 HIGH | N/A |
| AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php. | |||||
| CVE-2008-7086 | 1 Maianscriptworld | 1 Maian Greetings | 2017-09-28 | 7.5 HIGH | N/A |
| Maian Greetings 2.1 allows remote attackers to bypass authentication and gain administrative privileges by setting the mecard_admin_cookie cookie to admin. | |||||
| CVE-2008-7045 | 1 Ajsquare | 1 Free Polling Script | 2017-09-28 | 6.4 MEDIUM | N/A |
| AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php. | |||||
| CVE-2008-6854 | 1 Xigla | 1 Absolute Faq Manager .net | 2017-09-28 | 7.5 HIGH | N/A |
| Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||