Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1053

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-1053
Last Modified 10 Sep 2008 03:09:35
Published 13 Jul 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1053

Summary

AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.

Vulnerable Systems

Application

  • Adcycle 0.77

  • Adcycle 0.77b

  • Adcycle 0.78b

  • Adcycle 1.0

  • Adcycle 1.12

  • Adcycle 1.13

  • Adcycle 1.14

  • Adcycle 1.15


References

XF - adcycle-insert-sql-command(6837)

BID - 3032

BUGTRAQ - 20010713 AdCycle SQL Command Insertion Vulnerability - qDefense Advisory Number QDAV-2001-7-2

CONFIRM - http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17


Last Updated: 27 May 2016 10:36:30