Total
3408 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6118 | 1 Goople Cms | 1 Goople Cms | 2017-09-29 | 7.5 HIGH | N/A |
| win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1. | |||||
| CVE-2008-6092 | 1 Phpscripts | 1 Ranking-script | 2017-09-29 | 7.5 HIGH | N/A |
| phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie. | |||||
| CVE-2008-6009 | 1 Sg Real Estate Portal | 1 Sg Real Estate Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1. | |||||
| CVE-2008-5880 | 1 Gobbl | 1 Gobbl Cms | 2017-09-29 | 7.5 HIGH | N/A |
| admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "ok". | |||||
| CVE-2008-5783 | 1 V3chat | 1 V3 Chat Live Support | 2017-09-29 | 7.5 HIGH | N/A |
| admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1. | |||||
| CVE-2008-5708 | 1 Slimcms | 1 Slimcms | 2017-09-29 | 7.5 HIGH | N/A |
| redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1. | |||||
| CVE-2008-5576 | 1 Scssboard | 1 Scssboard | 2017-09-29 | 7.5 HIGH | N/A |
| admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter. | |||||
| CVE-2008-5497 | 1 Bandsitecms | 1 Bandsite Cms | 2017-09-29 | 7.5 HIGH | N/A |
| BandSite CMS 1.1.4 allows remote attackers to bypass authentication and gain administrative access by setting the login_auth cookie to true. | |||||
| CVE-2008-5355 | 1 Sun | 3 Jdk, Jre, Sdk | 2017-09-29 | 10.0 HIGH | N/A |
| The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to execute arbitrary code via DNS man-in-the-middle attacks. | |||||
| CVE-2008-5221 | 1 Wportfolio | 1 Wportfolio | 2017-09-29 | 7.5 HIGH | N/A |
| The account_save action in admin/userinfo.php in wPortfolio 0.3 and earlier does not require authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified password and password_retype parameters. | |||||
| CVE-2008-5219 | 1 Videoscript | 1 Videoscript | 2017-09-29 | 7.5 HIGH | N/A |
| The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and earlier does not check for administrative authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified npass and npass1 parameters. | |||||
| CVE-2008-5125 | 1 Castillocentral | 1 Ccleague | 2017-09-29 | 6.8 MEDIUM | N/A |
| admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin. | |||||
| CVE-2008-5065 | 1 Easy-script | 1 Tlguesbook | 2017-09-29 | 7.5 HIGH | N/A |
| TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin. | |||||
| CVE-2008-5042 | 1 Zeeways | 1 Photovideotube | 2017-09-29 | 7.5 HIGH | N/A |
| Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypass authentication and perform administrative tasks via a direct request to admin/home.php. | |||||
| CVE-2008-5040 | 1 Graphiks | 1 Myforum | 2017-09-29 | 7.5 HIGH | N/A |
| Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the (1) myforum_login and (2) myforum_pass cookies to 1. | |||||
| CVE-2008-4784 | 1 Aflog | 1 Aflog | 2017-09-29 | 7.5 HIGH | N/A |
| aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php. | |||||
| CVE-2008-4783 | 1 Easy-script | 1 Tlads | 2017-09-29 | 7.5 HIGH | N/A |
| tlAds 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the tlAds_login cookie to "admin." | |||||
| CVE-2008-4752 | 1 Tech Logic | 1 Tlnews | 2017-09-29 | 7.5 HIGH | N/A |
| TlNews 2.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlNews_login cookie to admin. | |||||
| CVE-2008-4721 | 1 Php Jabbers | 1 Post Comment | 2017-09-29 | 7.5 HIGH | N/A |
| PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged." | |||||
| CVE-2008-4714 | 1 Atomic Photo Album | 1 Atomic Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies. | |||||