RSS   Vulnerabilities for 'Phpaddedit'   RSS

2009-04-02
 
CVE-2008-6581

 

 
login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the addedit cookie parameter.

 
2009-02-27
 
CVE-2008-6313

 

 
Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a URL in the editform parameter. NOTE: PHP remote file inclusion attacks are also likely.

 


Copyright 2024, cxsecurity.com

 

Back to Top