High Published: Dec 31, 2002 Modified: Apr 03, 2025

CVE-2002-2252

7.5 CVSS Score High

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Export CVE-2002-2252 Data:

Link copied!

Description

SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Confidentiality P

Integrity P

Availability P

Affected Software Configurations

a atthat.com thatware * * * * * * * *

Weaknesses (CWE)

CWE-89

References & External Links

http://archives.neohapsis.com/archives/bugtraq/2002-12/0000.html
http://securitytracker.com/id?1005733
https://exchange.xforce.ibmcloud.com/vulnerabilities/10759
http://archives.neohapsis.com/archives/bugtraq/2002-12/0000.html
http://securitytracker.com/id?1005733
https://exchange.xforce.ibmcloud.com/vulnerabilities/10759

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Dec 19, 2007 18:43 Initial Analysis

Jul 29, 2017 01:29 CVE Modified

May 14, 2024 01:22 CVE Modified

Nov 20, 2024 23:43 CVE Modified

← Back to CVE Tracker