Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Jun 16, 2026
CVE-2002-0995
CVE-2002-0995
Description
login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:gianluca_baldo:phpauction:1.2:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:gianluca_baldo:phpauction:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:gianluca_baldo:phpauction:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:gianluca_baldo:phpauction:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gianluca_baldo:phpauction:2.1:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/5141nvdExploitVendor Advisory
- www.iss.net/security_center/static/9462.phpnvdVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2002-07/0014.htmlnvd
- www.phpauction.org/viewnew.phpnvd
News mentions
0No linked articles in our index yet.