VYPR
Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Jun 16, 2026

CVE-2002-0995

CVE-2002-0995

Description

login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:gianluca_baldo:phpauction:1.2:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:gianluca_baldo:phpauction:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gianluca_baldo:phpauction:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gianluca_baldo:phpauction:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gianluca_baldo:phpauction:2.1:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.