Vulnerability Details CVE-2001-0234
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2001-01/0460.html
- http://sourceforge.net/forum/forum.php?forum_id=60570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6010
- http://archives.neohapsis.com/archives/bugtraq/2001-01/0460.html
- http://sourceforge.net/forum/forum.php?forum_id=60570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6010
Products affected by CVE-2001-0234
-
cpe:2.3:a:sourceforge:newsdaemon:0.21b