These vulnerabilities allow for a complete take over giving full administrative access as well as remote shells on the servers that they are installed on.
Each of these suffer from Insecure Direct Object Reference Vulnerabilities.
Due to the details of the attack and screen shots, they can be found at http://www.securatary.com/vulnerabilities
All the best
Mark Litchfield