RSS   Vulnerabilities for 'Acc statistics'   RSS

2010-06-25
 
CVE-2009-4905

CWE-352
 

 
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwords, (2) usernames, and (3) e-mail addresses.

 
2009-02-26
 
CVE-2008-6294

CWE-264
 

 
admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin."

 

 >>> Vendor: Accscripts 4 Products
Acc php email
Acc autos
Acc real estate
Acc statistics


Copyright 2017, cxsecurity.com