Cmsnx
Products
4- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4206 | 0.03 | — | 0.01 | Dec 4, 2009 | SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2009-1854 | 0.03 | — | 0.02 | Jun 1, 2009 | Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1. | |||
| CVE-2009-1587 | 0.03 | — | 0.03 | May 7, 2009 | index.php in PHP Site Lock 2.0 allows remote attackers to bypass authentication and obtain administrative access by setting the login_id, group_id, login_name, user_id, and user_type cookies to certain values. | |||
| CVE-2009-1582 | 0.03 | — | 0.03 | May 7, 2009 | Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote attackers to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php. | |||
| CVE-2008-2277 | 0.03 | — | 0.01 | May 16, 2008 | SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | |||
| CVE-2008-2263 | 0.03 | — | 0.01 | May 16, 2008 | SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. |
- CVE-2009-4206Dec 4, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2009-1854Jun 1, 2009risk 0.03cvss —epss 0.02
Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1.
- CVE-2009-1587May 7, 2009risk 0.03cvss —epss 0.03
index.php in PHP Site Lock 2.0 allows remote attackers to bypass authentication and obtain administrative access by setting the login_id, group_id, login_name, user_id, and user_type cookies to certain values.
- CVE-2009-1582May 7, 2009risk 0.03cvss —epss 0.03
Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote attackers to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.
- CVE-2008-2277May 16, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
- CVE-2008-2263May 16, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc.