Adcycle: >> Adcycle >> 0.77b Security Vulnerabilities
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
CVSS Score
10.0
EPSS Score
0.005
Published
2001-07-13
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.
CVSS Score
7.5
EPSS Score
0.007
Published
2001-01-09