phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
References
Configurations
History
20 Nov 2024, 23:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2002-10/0148.html - | |
References | () http://www.iss.net/security_center/static/10353.php - | |
References | () http://www.securityfocus.com/bid/5948 - |
Information
Published : 2002-12-31 05:00
Updated : 2024-11-20 23:42
NVD link : CVE-2002-1952
Mitre link : CVE-2002-1952
CVE.ORG link : CVE-2002-1952
JSON object : View
Products Affected
phprank
- phprank
CWE