8 matches found
EUVD-2007-4619
Malware in sbrugna...
Authentication flaw
xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps...
CVE-2007-4637
xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps...
CVE-2007-4637
xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps...
CVE-2007-4637
CVE-2007-4637 affects xGB.php in xGB 2.0, where an admin edit action does not require authentication. This allows remote attackers to perform unspecified changes via an unknown series of steps. The NVD entry lists a MEDIUM base score (6.4) with network attack vector, low complexity, and no user i...
xgb-bypass.txt
/ xGB 2.0 xGB.php Remote Permission Bypass Vulnerability Bug discovered by DarkFuneral http://www.darkfuneral89.altervista.org/ Affected Software: xGB CMS Site: "i don't know! :P" Severity: Critical Description: An attacker can edit all message in xGB Google Dork: allinurl:"xGb.php" E-Mail:...
xGB 2.0 - xGB.php Remote Security Bypass
xGB 2.0 - xGB.php Remote Security Bypass / xGB 2.0 xGB.php Remote Permission Bypass Vulnerability Bug discovered by DarkFuneral http://www.darkfuneral89.altervista.org/ Affected Software: xGB CMS Site: "i don't know! :P" Severity: Critical Description: An attacker can edit all message in xGB Goog...
xGB 2.0 - 'xGB.php' Remote Security Bypass
/ xGB 2.0 xGB.php Remote Permission Bypass Vulnerability Bug discovered by DarkFuneral http://www.darkfuneral89.altervista.org/ Affected Software: xGB CMS Site: "i don't know! :P" Severity: Critical Description: An attacker can edit all message in xGB Google Dork: allinurl:"xGb.php" E-Mail:...