CVE-2004-2746

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

Ссылки

http://secunia.com/advisories/10659
Vendor Advisory
http://securityreason.com/securityalert/3346
http://securitytracker.com/id?1008745
http://www.osvdb.org/3585
http://www.pensacolawebdesigns.com/xtremeasp/readmore.asp
Patch
http://www.securityfocus.com/archive/1/350028/30/21640/threaded
http://www.securityfocus.com/bid/9438
http://www.tripbit.org/advisories/TA-150104.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/14860
http://secunia.com/advisories/10659
Vendor Advisory
http://securityreason.com/securityalert/3346
http://securitytracker.com/id?1008745
http://www.osvdb.org/3585
http://www.pensacolawebdesigns.com/xtremeasp/readmore.asp
Patch
http://www.securityfocus.com/archive/1/350028/30/21640/threaded
http://www.securityfocus.com/bid/9438
http://www.tripbit.org/advisories/TA-150104.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/14860

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pensacola_web_designs:xtremeasp_photogallery:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.008

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-pgc8-5qmg-9q4q

github

почти 4 года назад