VYPR

Adcycle

by Adcycle

CVEs (4)

  • CVE-2001-0425Jun 27, 2001
    risk 0.03cvss epss 0.02

    AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.

  • CVE-2001-1226Dec 25, 2001
    risk 0.00cvss epss 0.02

    AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.

  • CVE-2001-1053Jul 13, 2001
    risk 0.00cvss epss 0.03

    AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.

  • CVE-2000-1161Jan 9, 2001
    risk 0.00cvss epss 0.01

    The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.