Описание
SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.
SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1552
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17506
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33157
- https://www.exploit-db.com/exploits/3546
- http://marc.info/?l=bugtraq&m=109604910025090&w=2
- http://secunia.com/advisories/12651
- http://secunia.com/advisories/24622
- http://www.securityfocus.com/bid/11246
- http://www.securityfocus.com/bid/23098
- http://www.vupen.com/english/advisories/2007/1093
EPSS
Процентиль: 89%
0.04304
Низкий
CVE ID
Связанные уязвимости
nvd
около 21 года назад
SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.
EPSS
Процентиль: 89%
0.04304
Низкий