Vulnerability Details CVE-2001-1053
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.4%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0249.html
- http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17
- http://www.securityfocus.com/bid/3032
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6837
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0249.html
- http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17
- http://www.securityfocus.com/bid/3032
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6837
Products affected by CVE-2001-1053
-
cpe:2.3:a:adcycle:adcycle:0.77
-
cpe:2.3:a:adcycle:adcycle:0.77b
-
cpe:2.3:a:adcycle:adcycle:0.78b
-
cpe:2.3:a:adcycle:adcycle:1.0
-
cpe:2.3:a:adcycle:adcycle:1.12
-
cpe:2.3:a:adcycle:adcycle:1.13
-
cpe:2.3:a:adcycle:adcycle:1.14
-
cpe:2.3:a:adcycle:adcycle:1.15