CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
78.9%
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
Vendor | Product | Version | CPE |
---|---|---|---|
adcycle | adcycle | 0.77 | cpe:2.3:a:adcycle:adcycle:0.77:*:*:*:*:*:*:* |
adcycle | adcycle | 0.77b | cpe:2.3:a:adcycle:adcycle:0.77b:*:*:*:*:*:*:* |
adcycle | adcycle | 0.78b | cpe:2.3:a:adcycle:adcycle:0.78b:*:*:*:*:*:*:* |
adcycle | adcycle | 1.0 | cpe:2.3:a:adcycle:adcycle:1.0:*:*:*:*:*:*:* |
adcycle | adcycle | 1.12 | cpe:2.3:a:adcycle:adcycle:1.12:*:*:*:*:*:*:* |
adcycle | adcycle | 1.13 | cpe:2.3:a:adcycle:adcycle:1.13:*:*:*:*:*:*:* |
adcycle | adcycle | 1.14 | cpe:2.3:a:adcycle:adcycle:1.14:*:*:*:*:*:*:* |
adcycle | adcycle | 1.15 | cpe:2.3:a:adcycle:adcycle:1.15:*:*:*:*:*:*:* |