CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2007/02/14 11:28 a.m.•13 views

CVE-2007-0926

The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql'pass' and $gbpass variables...

7.5CVSS7AI score0.00717EPSS

Exploits0References3

Prion•added 2007/02/14 11:28 a.m.•18 views

Design/Logic Flaw

The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql'pass' and $gbpass variables...

7.5CVSS7.5AI score0.00717EPSS

Exploits0References3Affected Software1

CVE•added 2007/02/14 11:0 a.m.•35 views

CVE-2007-0926

The CVE-2007-0926 issue affects KvGuestbook 1.0 Beta, specifically the dologin function in guestbook.php. The vulnerability allows remote attackers to gain administrative privileges, probably by manipulating the $mysql['pass'] and $gbpass variables. The available sources confirm the affected comp...

7.5CVSS7AI score0.00717EPSS

Exploits0References3Affected Software1

Cvelist•added 2007/02/14 11:0 a.m.•19 views

CVE-2007-0926

The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql'pass' and $gbpass variables...

7AI score0.00717EPSS

Exploits0References3

securityvulns•added 2007/02/12 12:0 a.m.•49 views

KvGuestbook Remote Add Admin Exploit

Version : 1.0 Beta Download : http://www.killervault.com Files : guestbook.php Error : function dologin global $mysql, $gbpass, $gburl; $time = time + 86400365; if$gbpass == $mysql'pass' setcookie'kvgbcookie', $mysql'pass', $time, '/'; header"Location: $gburl"; $mysql, $gbpass, $gburl Mysql & Adm...

2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by