81 matches found
EUVD-2008-5463
Malware in sbrugna...
EUVD-2008-6319
Malware in sbrugna...
EUVD-2008-6922
Malware in sbrugna...
EUVD-2008-5464
Malware in sbrugna...
EUVD-2008-6320
Malware in sbrugna...
EUVD-2008-6321
Malware in sbrugna...
EUVD-2008-6901
Malware in sbrugna...
TurnkeyForms Software Directory 1.0 SQL Injection and Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/32175/info TurnkeyForms Software Directory is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
Authentication flaw
admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request...
CVE-2008-6963
admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request...
CVE-2008-6963
CVE-2008-6963 affects TurnkeyForms Text Link Sales (admin.php). The vulnerability allows remote attackers to bypass authentication and gain administrative privileges through a direct request. Documents describe the flaw and its impact but do not provide a patch version, workaround, or explicit re...
CVE-2008-6940
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db...
Sql injection
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and 1 gain administrative privileges by setting the adm cookie to 1 or 2 gain privileges as another user by setting the logged cookie to the target username...
CVE-2008-6939
TurnkeyForms Web Hosting Directory is affected by CVE-2008-6939, which allows remote attackers to bypass authentication by manipulating cookies (adm=1 to gain admin privileges or logged to impersonate another user). The issue enables privilege escalation to admin or another user without authentic...
CVE-2008-6940
CVE-2008-6940 affects TurnkeyForms Web Hosting Directory. The vulnerability stems from insufficient access control that allows remote attackers to access sensitive data stored under the web root, specifically enabling retrieval of a database backup via a direct request to admin/backup/db. The con...
CVE-2008-6941
The CVE-2008-6941 entry concerns a SQL injection in the login function of TurnkeyForms Web Hosting Directory, allowing remote attackers to execute arbitrary SQL commands via the password field. The NVD data indicates a high impact with a base score of 7.5 (Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P). Con...
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and 1 gain administrative privileges by setting the adm cookie to 1 or 2 gain privileges as another user by setting the logged cookie to the target username...
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...