NVD

Id
71932  
Name
CVE-2004-1553  
Description
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2004-12-31  
Modified Date
2017-07-10  
Seq
2004-1553  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
371788 71932 CVE-2004-1553 20040923 aspWebCalendar /aspWebAlbum: SQL injection  View
371789 71932 CVE-2004-1553 6357  View
371790 71932 CVE-2004-1553 6420  View
371791 71932 CVE-2004-1553 11246  View
371792 71932 CVE-2004-1553 30996  View
371793 71932 CVE-2004-1553 aspwebalbum-sql-injection(17507)  View
371794 71932 CVE-2004-1553 aspwebalbum-image-file-upload(44876)  View
371795 71932 CVE-2004-1553 aspwebalbum-album-sql-injection(44877)  View

Related JVN