Acc PHP Email
by Accscripts
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4906 | 0.03 | — | 0.01 | Jun 25, 2010 | Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords. | |||
| CVE-2008-6291 | 0.03 | — | 0.02 | Feb 26, 2009 | Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin". |
- CVE-2009-4906Jun 25, 2010risk 0.03cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
- CVE-2008-6291Feb 26, 2009risk 0.03cvss —epss 0.02
Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin".