CVE-2002-0995

PHPAuction - Unauthenticated Privilege Escalation via Direct login.php Action Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0995. PoCs published by ethx.

AI-analyzed exploit summary This exploit leverages a flaw in PhpAuction's /admin/login.php to create an administrative account by submitting credentials via a POST request. The vulnerability allows privilege escalation by bypassing proper authentication checks.

Description

login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.

Exploits (1)

exploitdb WORKING POC VERIFIED
by ethx · textwebappsphp
https://www.exploit-db.com/exploits/21590

This exploit leverages a flaw in PhpAuction's /admin/login.php to create an administrative account by submitting credentials via a POST request. The vulnerability allows privilege escalation by bypassing proper authentication checks.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: PhpAuction (version not specified)
No auth needed
Prerequisites: Access to the target's /admin/login.php endpoint
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5141
Various Sources x_refsource_confirm
http://www.phpauction.org/viewnew.php?id=5
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0014.html
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9462.php

Scores

EPSS 0.0282
EPSS Percentile 85.0%

Details

Status published
Products (4)
gianluca_baldo/phpauction 1.2
gianluca_baldo/phpauction 1.3
gianluca_baldo/phpauction 2.0
gianluca_baldo/phpauction 2.1
Published Oct 04, 2002
Tracked Since Feb 18, 2026