← Voltar para CVEs
CVE-2004-1553
N/ADescricao
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado12/31/2004
Ultima modificacao4/16/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
fullrevolution:aspwebalbum
Fraquezas (CWE)
CWE-89
Referencias
http://marc.info/?l=bugtraq&m=109604910025090&w=2(cve@mitre.org)
http://osvdb.org/47913(cve@mitre.org)
http://osvdb.org/47914(cve@mitre.org)
http://secunia.com/advisories/31649(cve@mitre.org)
http://www.securityfocus.com/bid/11246(cve@mitre.org)
http://www.securityfocus.com/bid/30996(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17507(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44876(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44877(cve@mitre.org)
https://www.exploit-db.com/exploits/6357(cve@mitre.org)
https://www.exploit-db.com/exploits/6420(cve@mitre.org)
http://marc.info/?l=bugtraq&m=109604910025090&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/47913(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/47914(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31649(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/11246(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/30996(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17507(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44876(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44877(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/6357(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/6420(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.