Описание
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:adcycle:adcycle:0.77:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:0.77b:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:0.78b:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:1.0:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:1.12:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:1.13:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:1.14:*:*:*:*:*:*:*
cpe:2.3:a:adcycle:adcycle:1.15:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00464
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
EPSS
Процентиль: 63%
0.00464
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other