Vulnerabilities > Cicoandcico
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-04-22 | CVE-2008-1904 | Improper Authentication vulnerability in Cicoandcico Ccmail 1.0 Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified this_cookie cookie. | 7.5 |
2007-03-20 | CVE-2007-1516 | Remote File Include vulnerability in Cicoandcico Ccmail 1.0.1 PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the functions_dir parameter. network cicoandcico | 6.8 |