81 matches found
EUVD-2008-6319
Malware in sbrugna...
EUVD-2008-6321
Malware in sbrugna...
EUVD-2008-6922
Malware in sbrugna...
EUVD-2008-6320
Malware in sbrugna...
EUVD-2008-5464
Malware in sbrugna...
EUVD-2008-5463
Malware in sbrugna...
EUVD-2008-6901
Malware in sbrugna...
TurnkeyForms Software Directory 1.0 SQL Injection and Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/32175/info TurnkeyForms Software Directory is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
Authentication flaw
admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request...
CVE-2008-6963
admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request...
CVE-2008-6963
CVE-2008-6963 affects TurnkeyForms Text Link Sales (admin.php). The vulnerability allows remote attackers to bypass authentication and gain administrative privileges through a direct request. Documents describe the flaw and its impact but do not provide a patch version, workaround, or explicit re...
Sql injection
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and 1 gain administrative privileges by setting the adm cookie to 1 or 2 gain privileges as another user by setting the logged cookie to the target username...
CVE-2008-6940
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db...
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and 1 gain administrative privileges by setting the adm cookie to 1 or 2 gain privileges as another user by setting the logged cookie to the target username...
CVE-2008-6940
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db...
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6941
The CVE-2008-6941 entry concerns a SQL injection in the login function of TurnkeyForms Web Hosting Directory, allowing remote attackers to execute arbitrary SQL commands via the password field. The NVD data indicates a high impact with a base score of 7.5 (Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P). Con...
CVE-2008-6939
TurnkeyForms Web Hosting Directory is affected by CVE-2008-6939, which allows remote attackers to bypass authentication by manipulating cookies (adm=1 to gain admin privileges or logged to impersonate another user). The issue enables privilege escalation to admin or another user without authentic...