← CVECheck
HomeVulnerabilities

CVE-2001-0088 — HIGH severity vulnerability (common.inc.php in phpWebLog 0.4.2 does not properly initiali)

common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.

CVE IDCVE-2001-0088
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-02-16
Last modified2026-04-16
Descriptioncommon.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →