CVE-2002-0995 in PHPAuctioninfo

Summary

login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

10/04/2002

Moderation

VulDB entry created

Entries

1: VDB-18909

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.07134

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0995
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0995
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0995/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!