← CVECheck
HomeVulnerabilities

CVE-2001-0972 — HIGH severity vulnerability (Surf-Net ASP Forum before 2.30 uses easily guessable cookies)

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."

CVE IDCVE-2001-0972
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2001-08-31
Last modified2026-04-16
DescriptionSurf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →