Cicoandcico Ccmail vulnerabilities
2 known vulnerabilities affecting cicoandcico/ccmail.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-1904P3HIGHCVSS 7.5PoC≤ 1.0.1v1.02008-04-22
CVE-2008-1904 [HIGH] CWE-287 CVE-2008-1904: Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an a
Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified this_cookie cookie.
nvd
CVE-2007-1516P3MEDIUMCVSS 6.8PoCv1.0.12007-03-20
CVE-2007-1516 [MEDIUM] CVE-2007-1516: PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows rem
PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the functions_dir parameter.
nvd