VYPR

Million Dollar Text Links

by Cmsnx

CVEs (3)

  • CVE-2009-4206Dec 4, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2009-1854Jun 1, 2009
    risk 0.03cvss epss 0.02

    Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1.

  • CVE-2009-1582May 7, 2009
    risk 0.03cvss epss 0.03

    Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote attackers to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.