6.6 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.9%
AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html
secunia.com/advisories/19351
www.osvdb.org/24065
www.osvdb.org/24066
www.vupen.com/english/advisories/2006/1071
exchange.xforce.ibmcloud.com/vulnerabilities/25404