Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 0.62%
- Published 25.12.2001 05:00:00
- Last modified 03.04.2025 01:03:51
AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
- EPSS 0.46%
- Published 13.07.2001 04:00:00
- Last modified 03.04.2025 01:03:51
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
7.5
CVE-2001-0425
- EPSS 4.59%
- Published 27.06.2001 04:00:00
- Last modified 03.04.2025 01:03:51
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.
7.5
CVE-2000-1161
- EPSS 0.65%
- Published 09.01.2001 05:00:00
- Last modified 03.04.2025 01:03:51
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.
1