John Drake : Security Vulnerabilities, CVEs, Published In 2002
Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php.
Max CVSS
5.0
EPSS Score
1.20%
Published
2002-12-31
Updated
2008-09-05
1 vulnerabilities found