IDCVSSSummaryLast (major) updatePublished
CVE-2001-0425 7.5 in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.
05-09-2008 - 20:24 27-06-2001 - 04:00
CVE-2001-1053 10.0 in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
10-10-2017 - 01:29 13-07-2001 - 04:00
CVE-2000-1161 7.5
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.
05-09-2008 - 20:22 09-01-2001 - 05:00
CVE-2001-1226 5.0
AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
05-09-2008 - 20:26 25-12-2001 - 05:00
Back to Top Mark selected
Back to Top