3 matches found
CVE-2008-4146
Addalink 1.0 beta 4 and earlier allows remote attackers to 1 approve web-site additions via a modified approved field and 2 change the visit-counter value via a modified counter field...
Code injection
Addalink 1.0 beta 4 and earlier allows remote attackers to 1 approve web-site additions via a modified approved field and 2 change the visit-counter value via a modified counter field...
CVE-2008-4146
Affected software: Addalink 1.0 beta 4 and earlier. Vulnerable component/function: website configuration fields processed by Addalink that allow remote modification. Root cause/impact: an attacker can remotely alter the approved field to approve site additions and modify the counter field to chan...