← back
CVE-2001-0088

CVE-2001-0088

EPSS 1.8%
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2000-12/0025.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/5625http://www.securityfocus.com/bid/2047