CVE-2002-2335

Name of the Vulnerable Software and Affected Versions Killer Protection version 1.0

Description The issue allows remote attackers to obtain user names and passwords by accessing the vars.inc include file, which is stored under the web root with insufficient access control. This can lead to unauthorized logins using the protection.php file.

Recommendations For Killer Protection version 1.0, consider restricting access to the vars.inc file and limiting access to the protection.php file to prevent unauthorized logins. As a temporary workaround, restrict access to the web root directory to minimize the risk of exploitation.