Vulnerabilities > CVE-2001-1053 - Unspecified vulnerability in Adcycle

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

adcycle

critical

NVD

Published: 2001-07-13

Updated: 2017-10-10

Summary

AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.

Vulnerable Configurations

Part	Description	Count
Application	Adcycle Adcycle Adcycle 0.77 Adcycle Adcycle 0.77B Adcycle Adcycle 0.78B Adcycle Adcycle 1.0 Adcycle Adcycle 1.12 Adcycle Adcycle 1.13 Adcycle Adcycle 1.14 Adcycle Adcycle 1.15	8

References

http://archives.neohapsis.com/archives/bugtraq/2001-07/0249.html
http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17
http://www.securityfocus.com/bid/3032
https://exchange.xforce.ibmcloud.com/vulnerabilities/6837