CVE-2004-1588 - CERT CVE
ID CVE-2004-1588
Sažetak SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp.
Reference
CVSS
Base: 7.5
Impact: 6.4
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 11-07-2017 - 01:31
Objavljeno 31-12-2004 - 05:00