High Published: Dec 31, 2002 Modified: Apr 03, 2025

CVE-2002-2304

7.5 CVSS Score High

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Export CVE-2002-2304 Data:

Link copied!

Description

SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Confidentiality P

Integrity P

Availability P

Affected Software Configurations

a myphpsoft myphplinks 2.1.9 * * * * * * *
a myphpsoft myphplinks 2.2.0 * * * * * * *

Weaknesses (CWE)

CWE-89

References & External Links

http://archives.neohapsis.com/archives/bugtraq/2002-12/0134.html
http://www.securityfocus.com/bid/6395
https://exchange.xforce.ibmcloud.com/vulnerabilities/10864
http://archives.neohapsis.com/archives/bugtraq/2002-12/0134.html
http://www.securityfocus.com/bid/6395
https://exchange.xforce.ibmcloud.com/vulnerabilities/10864

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Dec 27, 2007 14:45 Initial Analysis

Jul 29, 2017 01:29 CVE Modified

May 14, 2024 01:22 CVE Modified

Nov 20, 2024 23:43 CVE Modified

← Back to CVE Tracker