Absolute Control Panel Xe
by Xigla
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-6859 | 0.03 | — | 0.00 | Jul 14, 2009 | Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||
| CVE-2009-1504 | 0.03 | — | 0.00 | May 1, 2009 | Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1." | ||
| CVE-2008-2756 | 0.00 | — | 0.01 | Jun 18, 2008 | Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information. |
- CVE-2008-6859Jul 14, 2009risk 0.03cvss —epss 0.00
Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
- CVE-2009-1504May 1, 2009risk 0.03cvss —epss 0.00
Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."
- CVE-2008-2756Jun 18, 2008risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information.