Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1552

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1552
Last Modified 07 Mar 2011 09:17:10
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1552

Summary

SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.

Vulnerable Systems

Application

  • Full Revolution Aspwebcalendar 4.5


References

XF - aspwebcalendar-sql-injection(17506)

VUPEN - ADV-2007-1093

BID - 11246

SECUNIA - 12651

BUGTRAQ - 20040923 aspWebCalendar /aspWebAlbum: SQL injection

XF - aspwebcalendar-calendar-sql-injection(33157)

BID - 23098

MILW0RM - 3546

SECUNIA - 24622


Last Updated: 27 May 2016 10:39:05