3 matches found
CVE-2009-3261
update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...
CVE-2009-3261
update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...
CVE-2009-3261
CVE-2009-3261 affects LiveStreet 0.2, where update/update_0.1.2_to_0.2.php does not require administrative authentication, enabling remote attackers to trigger DROP TABLE operations via unspecified vectors. Root cause is missing admin auth for the vulnerable update script. Documents do not provid...