RSS   Vulnerabilities for 'Php vx guestbook'   RSS

2009-08-19
 
CVE-2008-7007

 

 
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1.

 
 
CVE-2008-7006

 

 
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top