Vulnerability Description
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adcycle | Adcycle | 0.77 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0249.htmlExploitPatchVendor Advisory
- http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17
- http://www.securityfocus.com/bid/3032ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6837
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0249.htmlExploitPatchVendor Advisory
- http://www.adcycle.com/cgi-bin/download.cgi?type=UNIX&version=1.17
- http://www.securityfocus.com/bid/3032ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6837
FAQ
What is CVE-2001-1053?
CVE-2001-1053 is a vulnerability with a CVSS score of 10.0 (HIGH). AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
How severe is CVE-2001-1053?
CVE-2001-1053 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1053?
Check the references section above for vendor advisories and patch information. Affected products include: Adcycle Adcycle.