2 matches found
CVE-2009-4808
CVE-2009-4808 affects Graugon PHP Article Publisher 1.0. The admin.php authentication check can be bypassed by setting the g_admin cookie to 1, allowing remote attackers to gain administrative access. This is the root cause and impact described across sources; no remediation or mitigation details...
CVE-2009-4807
Graugon PHP Article Publisher 1.0 is affected by multiple SQL injection vulnerabilities. The flaws allow remote attackers to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php, enabling unauthorized access or manipulation of the database. No r...