Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0665

5 documents4 sources

Severity

10.0CRITICAL

EPSS

3.4%

top 12.65%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Macromedia Jrun

Timeline

PublishedJul 11

Latest updateApr 30

Description

Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDmacromedia/jrun3.0, 3.1, 4.0+2

🔴Vulnerability Details

GHSA

GHSA-86jh-5x2w-v68j: Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL↗2022-04-30

▶

CVEList

CVE-2002-0665: Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL↗2003-04-02

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Access 97/2000/2002 Snapshot Viewer - ActiveX Control Parameter Buffer Overflow↗2003-09-03

▶

Exploit-DB

Macromedia JRun 3/4 - Administrative Authentication Bypass↗2002-06-28

▶