AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Adcycle | Adcycle | 0.78b | 0.78b |
Adcycle | Adcycle | 0.77 | 0.77 |