Total
3455 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6861 | 1 Xigla | 1 Absolute Newsletter | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6860 | 1 Xigla | 1 Absolute Poll Manager Xe | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6859 | 1 Xigla | 1 Absolute Control Panel Xe | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6858 | 1 Xigla | 1 Absolute Banner Manager.net | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6857 | 1 Xigla | 1 Absolute Podcast.net | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6856 | 1 Xigla | 1 Absolute News Manager.net | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6855 | 1 Xigla | 1 Absolute News Feed | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a certain cookie. | |||||
| CVE-2008-6854 | 1 Xigla | 1 Absolute Faq Manager .net | 2017-09-29 | 7.5 HIGH | N/A |
| Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | |||||
| CVE-2008-6815 | 1 Myktools | 1 Myktools | 2017-09-29 | 5.0 MEDIUM | N/A |
| mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote attackers to read a database backup by making a direct request, and then sending an unspecified request to the download page for the backup. | |||||
| CVE-2008-6763 | 1 Hypersilence | 1 Silentum Loginsys | 2017-09-29 | 7.5 HIGH | N/A |
| login2.php in Silentum LoginSys 1.0.0 allows remote attackers to bypass authentication and obtain access to an arbitrary account by setting the logged_in cookie to that account's username. | |||||
| CVE-2008-6743 | 1 Shock-therapy | 1 Rsmscript | 2017-09-29 | 7.5 HIGH | N/A |
| RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php. | |||||
| CVE-2008-6739 | 1 Toddwoolums | 1 Asp Download | 2017-09-29 | 7.5 HIGH | N/A |
| Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request. | |||||
| CVE-2008-6738 | 1 Mark Girling | 1 Myshoutpro | 2017-09-29 | 7.5 HIGH | N/A |
| MyShoutPro 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin_access cookie to 1. | |||||
| CVE-2008-6723 | 1 Turnkeyforms | 1 Entertainment Portal | 2017-09-29 | 7.5 HIGH | N/A |
| TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator. | |||||
| CVE-2008-6719 | 1 Uochm | 1 Justlistit | 2017-09-29 | 7.5 HIGH | N/A |
| U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) start.php, (2) aktivitet.php, (3) prop_aktivitet.php, (4) kategorier.php, (5) konfig.php, (6) security.php, (7) manual.php, and possibly (8) index.php. | |||||
| CVE-2008-6718 | 1 Uochm | 1 Justbookit | 2017-09-29 | 7.5 HIGH | N/A |
| U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) user_manual.php, (2) user_config.php, (3) user_kundnamn.php, (4) user_kundlista.php, (5) user_aktiva_kunder.php, (6) database.php, and possibly (7) index.php. | |||||
| CVE-2008-6717 | 1 Uochm | 1 Signup | 2017-09-29 | 7.5 HIGH | N/A |
| U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) adminstart.php, (2) admineventtype.php, (3) admineventdetails.php, (4) admineventlist.php, (5) adminuserslist.php, (6) adminleaderslist.php, (7) admindatabase.php, and possibly (8) index.php. | |||||
| CVE-2008-6716 | 1 Preprojects | 1 Pre Ads Portal | 2017-09-29 | 7.5 HIGH | N/A |
| homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. | |||||
| CVE-2008-6667 | 1 Marc Melvin | 1 A\+ Php Scripts News Management System | 2017-09-29 | 7.5 HIGH | N/A |
| A+ PHP Scripts News Management System (NMS) allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1. | |||||
| CVE-2008-6581 | 1 Phpaddedit | 1 Phpaddedit | 2017-09-29 | 7.5 HIGH | N/A |
| login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the addedit cookie parameter. | |||||