VYPR

Acc Statistics

by Accscripts

CVEs (2)

  • CVE-2009-4905Jun 25, 2010
    risk 0.03cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwords, (2) usernames, and (3) e-mail addresses.

  • CVE-2008-6294Feb 26, 2009
    risk 0.03cvss epss 0.03

    admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin."