Vulnerabilities > CVE-2001-0088 - Unspecified vulnerability in Jason Hines PHPweblog 0.4.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0025.html
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0025.html
- http://www.securityfocus.com/bid/2047
- http://www.securityfocus.com/bid/2047
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5625
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5625