Описание
SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the Scheme parameter.
SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the Scheme parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1541
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25544
- https://www.exploit-db.com/exploits/1623
- http://marc.info/?l=full-disclosure&m=114367573519326&w=2
- http://secunia.com/advisories/19441
- http://www.nukedx.com/?viewdoc=22
- http://www.osvdb.org/24256
- http://www.securityfocus.com/archive/1/429487/100/0/threaded
- http://www.securityfocus.com/bid/17309
- http://www.vupen.com/english/advisories/2006/1164
EPSS
Процентиль: 81%
0.01477
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the Scheme parameter.
EPSS
Процентиль: 81%
0.01477
Низкий