Lucene search

[email protected]CVE-2001-1053

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2001-1053

2002-06-2504:00:00

[email protected]

web.nvd.nist.gov

adcycle 1.15

sql injection

remote attack

authentication bypass

cve-2001-1053

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.9%

JSON

AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.

Affected configurations

NVD

Node

adcycleadcycleMatch0.77

adcycleadcycleMatch0.77b

adcycleadcycleMatch0.78b

adcycleadcycleMatch1.0

adcycleadcycleMatch1.12

adcycleadcycleMatch1.13

adcycleadcycleMatch1.14

adcycleadcycleMatch1.15

CPENameOperatorVersion
adcycle:adcycleadcycleeq0.77
adcycle:adcycleadcycleeq0.77b
adcycle:adcycleadcycleeq0.78b
adcycle:adcycleadcycleeq1.0
adcycle:adcycleadcycleeq1.12
adcycle:adcycleadcycleeq1.13
adcycle:adcycleadcycleeq1.14
adcycle:adcycleadcycleeq1.15

CPE	Name	Operator	Version
adcycle:adcycle	adcycle	eq	0.77
adcycle:adcycle	adcycle	eq	0.77b
adcycle:adcycle	adcycle	eq	0.78b
adcycle:adcycle	adcycle	eq	1.0
adcycle:adcycle	adcycle	eq	1.12
adcycle:adcycle	adcycle	eq	1.13
adcycle:adcycle	adcycle	eq	1.14
adcycle:adcycle	adcycle	eq	1.15

References

archives.neohapsis.com/archives/bugtraq/2001-07/0249.html

www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17

www.securityfocus.com/bid/3032

exchange.xforce.ibmcloud.com/vulnerabilities/6837

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for CVE-2001-1053

cvelist1 nvd1