Xigla Absolute Control Panel Xe vulnerabilities
3 known vulnerabilities affecting xigla/absolute_control_panel_xe.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-1504P3HIGHCVSS 7.5PoCv1.52009-05-01
CVE-2009-1504 [HIGH] CWE-287 CVE-2009-1504: Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrat
Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."
nvd
CVE-2008-6859P3HIGHCVSS 7.5PoCv1.52009-07-14
CVE-2008-6859 [HIGH] CWE-287 CVE-2008-6859: Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and ga
Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
nvd
CVE-2008-2756P4MEDIUMCVSS 4.3v1.02008-06-18
CVE-2008-2756 [MEDIUM] CWE-79 CVE-2008-2756: Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 a
Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information.
nvd