Vulnerabilities > Accscripts > ACC Statistics > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-25 | CVE-2009-4905 | Cross-Site Request Forgery (CSRF) vulnerability in Accscripts ACC Statistics 1.1 Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwords, (2) usernames, and (3) e-mail addresses. | 6.8 |
2009-02-26 | CVE-2008-6294 | Permissions, Privileges, and Access Controls vulnerability in Accscripts ACC Statistics 1.1 admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin." | 7.5 |