Vulnerabilities (CVE)

Filtered by vendor Adcycle Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1226 1 Adcycle 1 Adcycle 2024-11-20 5.0 MEDIUM N/A
AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
CVE-2001-1053 1 Adcycle 1 Adcycle 2024-11-20 10.0 HIGH N/A
AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument.
CVE-2001-0425 1 Adcycle 1 Adcycle 2024-11-20 7.5 HIGH N/A
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.
CVE-2000-1161 1 Adcycle 1 Adcycle 2024-11-20 7.5 HIGH N/A
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.