CVE-2001-0995

PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs.

Published: Aug 31, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0995
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
phpprojekt / phpprojekt	-	2.4a.x
phpprojekt / phpprojekt	2.0	2.0.x
phpprojekt / phpprojekt	2.2	2.2.x
phpprojekt / phpprojekt	2.1	2.1.x
phpprojekt / phpprojekt	2.1a	2.1a.x
phpprojekt / phpprojekt	2.3	2.3.x
phpprojekt / phpprojekt	2.0.1	2.0.1.x

http://www.phprojekt.com/ChangeLog
http://www.securityfocus.com/archive/1/210349
http://www.securityfocus.com/bid/3239
https://exchange.xforce.ibmcloud.com/vulnerabilities/7035

Vulnerability Database

CVE-2001-0995