Vulnerabilities > Accscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-25 | CVE-2009-4906 | Cross-Site Request Forgery (CSRF) vulnerability in Accscripts ACC PHP Email 1.1 Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords. | 6.8 |
2010-06-25 | CVE-2009-4905 | Cross-Site Request Forgery (CSRF) vulnerability in Accscripts ACC Statistics 1.1 Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwords, (2) usernames, and (3) e-mail addresses. | 6.8 |
2009-02-26 | CVE-2008-6294 | Permissions, Privileges, and Access Controls vulnerability in Accscripts ACC Statistics 1.1 admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin." | 7.5 |
2009-02-26 | CVE-2008-6293 | Permissions, Privileges, and Access Controls vulnerability in Accscripts ACC Real Estate 4.0 admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie to "admin." | 7.5 |
2009-02-26 | CVE-2008-6292 | Permissions, Privileges, and Access Controls vulnerability in Accscripts ACC Autos 4.0 Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username_cookie to "admin," (2) right_cookie to "1," and (3) id_cookie to "1." | 7.5 |
2009-02-26 | CVE-2008-6291 | Permissions, Privileges, and Access Controls vulnerability in Accscripts ACC PHP Email 1.1 Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin". | 7.5 |