4 matches found
Killer Protection 1.0 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5905/info The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP request. Exploiti...
CVE-2002-2335
CVE-2002-2335 affects Killer Protection 1.0, where the vars.inc include file is stored under the web root with insufficient access control. This allows remote attackers to obtain user names and passwords and to log in using protection.php. The connected documents confirm the vulnerability descrip...
CVE-2002-2335
Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php...
CVE-2002-2335
Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php...