NVD

Id
80452  
Name
CVE-2002-1499  
Description
Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) the email parameter in holdcomment.asp.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-05  
Published
2003-04-02  
Modified Date
2008-09-05  
Seq
2002-1499  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
401159 80452 CVE-2002-1499 20020830 FactoSystem CMS Contains Multiple Vulnerabilities  View
401160 80452 CVE-2002-1499 20020831 FactoSystem CMS Contains Multiple Vulnerabilities  View
401161 80452 CVE-2002-1499 http://sourceforge.net/tracker/index.php?func=detail&aid=602711&group_id=12668&atid=112668  View
401162 80452 CVE-2002-1499 factosystem-asp-sql-injection(10000)  View
401163 80452 CVE-2002-1499 5600  View

Related JVN