Total
3408 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-7027 | 1 Libra File Manager | 1 Php Filemanager | 2017-09-29 | 7.5 HIGH | N/A |
| Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1. | |||||
| CVE-2008-7019 | 1 Esqlanelapse | 1 Esqlanelapse | 2017-09-29 | 7.5 HIGH | N/A |
| Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies. | |||||
| CVE-2008-7007 | 1 Phpversion | 1 Php Vx Guestbook | 2017-09-29 | 7.5 HIGH | N/A |
| Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1. | |||||
| CVE-2008-7006 | 1 Phpversion | 1 Php Vx Guestbook | 2017-09-29 | 5.0 MEDIUM | N/A |
| Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php. | |||||
| CVE-2008-6965 | 1 Aj Square | 1 Aj Auction | 2017-09-29 | 7.5 HIGH | N/A |
| AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote attackers to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mail.php, (4) fee_setting.php, (5) earnings.php, (6) insertion_fee_settings.php, (7) custom_category.php, (8) subcategory.php, (9) category.php, (10) report.php, (11) store_manager.php, and (12) choose_sell_format.php in admin/, and possibly other vectors. | |||||
| CVE-2008-6951 | 1 Cms.maury91 | 1 Maurycms | 2017-09-29 | 7.5 HIGH | N/A |
| MauryCMS 0.53.2 and earlier does not require administrative authentication for Editors/fckeditor/editor/filemanager/browser/default/browser.html, which allows remote attackers to upload arbitrary files via a direct request. | |||||
| CVE-2008-6939 | 1 Turnkeyforms | 1 Web Hosting Directory | 2017-09-29 | 7.5 HIGH | N/A |
| TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username. | |||||
| CVE-2008-6919 | 1 Taskdriver | 1 Taskdriver | 2017-09-29 | 7.5 HIGH | N/A |
| profileedit.php TaskDriver 1.3 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "fook!admin." | |||||
| CVE-2008-6916 | 2 John Doe, Siemens | 2 Netport Software, Speedstream 5200 | 2017-09-29 | 10.0 HIGH | N/A |
| Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname. | |||||
| CVE-2008-6912 | 1 Zeeways | 1 Shaadiclone | 2017-09-29 | 7.5 HIGH | N/A |
| Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php. | |||||
| CVE-2008-6864 | 1 Xigla | 1 Absolute Live Support .net | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6863 | 1 Xigla | 1 Absolute Form Processor.net | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6862 | 1 Xigla | 1 Absolute Content Rotator | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6861 | 1 Xigla | 1 Absolute Newsletter | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6860 | 1 Xigla | 1 Absolute Poll Manager Xe | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6859 | 1 Xigla | 1 Absolute Control Panel Xe | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6858 | 1 Xigla | 1 Absolute Banner Manager.net | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6857 | 1 Xigla | 1 Absolute Podcast.net | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6856 | 1 Xigla | 1 Absolute News Manager.net | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6855 | 1 Xigla | 1 Absolute News Feed | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a certain cookie. | |||||