Turnkeyforms : Security Vulnerabilities, CVEs, Published In 2009
admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request.
Max CVSS
7.5
EPSS Score
2.00%
Published
2009-08-13
Updated
2017-09-29
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-08-12
Updated
2017-09-29
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db.
Max CVSS
7.5
EPSS Score
1.99%
Published
2009-08-12
Updated
2017-09-29
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.
Max CVSS
7.5
EPSS Score
2.60%
Published
2009-08-12
Updated
2017-09-29
TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator.
Max CVSS
7.5
EPSS Score
5.00%
Published
2009-04-14
Updated
2017-09-29
Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter.
Max CVSS
4.3
EPSS Score
0.22%
Published
2009-03-02
Updated
2017-09-29
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-03-02
Updated
2017-09-29
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-03-02
Updated
2017-09-29
TurnkeyForms Local Classifieds allows remote attackers to bypass authentication and gain administrative access via a direct request to Site_Admin/admin.php.
Max CVSS
7.5
EPSS Score
2.00%
Published
2009-02-26
Updated
2017-09-29
9 vulnerabilities found