PT-2001-1323 · Phpweblog · Phpweblog

Published: 2001-02-02 · Updated: 2017-12-19 · CVE-2001-0088

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: phpWebLog version 0.4.2
Description: The issue arises from the improper initialization of the $CONF array in the common.inc.php file, which results in the password being set to a single character. This allows remote attackers to easily guess the SiteKey and gain administrative privileges.
Recommendations: For phpWebLog version 0.4.2, ensure proper initialization of the $CONF array to prevent the password from being set to a single character, thereby preventing remote attackers from guessing the SiteKey and gaining administrative privileges.

Related identifiers

CVE-2001-0088

Affected products

Phpweblog