NuytsTech Security

CVE-2001-0088

by ·

common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.

Date published : 2001-02-02

http://www.securityfocus.com/bid/2047

http://archives.neohapsis.com/archives/bugtraq/2000-12/0025.html

Tags: