CVE-2002-1952

phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phprank:phprank:1.8:*:*:*:*:*:*:*

History

20 Nov 2024, 23:42

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2002-10/0148.html - () http://archives.neohapsis.com/archives/bugtraq/2002-10/0148.html -
References () http://www.iss.net/security_center/static/10353.php - () http://www.iss.net/security_center/static/10353.php -
References () http://www.securityfocus.com/bid/5948 - () http://www.securityfocus.com/bid/5948 -

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:42


NVD link : CVE-2002-1952

Mitre link : CVE-2002-1952

CVE.ORG link : CVE-2002-1952


JSON object : View

Products Affected

phprank

  • phprank