Web Hosting Directory Security Vulnerabilities and Issues — Web Hosting Directory CVE List

Lucene search

TurnkeyformsWeb Hosting Directory

3 matches found

CVE•added 2009/08/12 10:30 a.m.•33 views

CVE-2008-6939

TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.

7.5CVSS7.4AI score0.05515EPSS

CVE•added 2009/08/12 10:30 a.m.•31 views

CVE-2008-6941

SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field.

7.5CVSS8.8AI score0.00784EPSS

CVE•added 2009/08/12 10:30 a.m.•26 views

CVE-2008-6940

TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db.

7.5CVSS6.4AI score0.056EPSS