Vulnerabilities > Accscripts > ACC PHP Email
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-25 | CVE-2009-4906 | Cross-Site Request Forgery (CSRF) vulnerability in Accscripts ACC PHP Email 1.1 Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords. | 6.8 |
2009-02-26 | CVE-2008-6291 | Permissions, Privileges, and Access Controls vulnerability in Accscripts ACC PHP Email 1.1 Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin". | 7.5 |