AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2001-07/0249.html | Exploit Patch Vendor Advisory |
http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17 | |
http://www.securityfocus.com/bid/3032 | Exploit Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/6837 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-25T04:00:00
Updated: 2002-06-16T00:00:00
Reserved: 2002-01-31T00:00:00
Link: CVE-2001-1053
JSON object: View
NVD Information
Status : Modified
Published: 2001-07-13T04:00:00.000
Modified: 2017-10-10T01:29:58.907
Link: CVE-2001-1053
JSON object: View
Redhat Information
No data.
CWE