Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2067

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2067
Last Modified 05 Sep 2008 04:43:06
Published 29 Jul 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2067

Summary

SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters.

Vulnerable Systems

Application

  • Jaws 0.2

  • Jaws 0.3

  • Jaws 0.4


References

XF - jaws-controlpanel-sql-injection(16847)

BID - 10826

OSVDB - 8320

SECTRACK - 1010815

BUGTRAQ - 20040729 Jaws 0.4: authentication bypass


Last Updated: 27 May 2016 10:39:18