Lucene search

[email protected]CVE-2004-1961

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1961

2005-05-1004:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1961

sql injection

protector system

remote attackers

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.9%

JSON

blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded “'” characters (“%27”).

Affected configurations

NVD

Node

protector_systemprotector_systemMatch1.15b1

CPENameOperatorVersion
protector_system:protector_systemprotector systemeq1.15b1

CPE	Name	Operator	Version
protector_system:protector_system	protector system	eq	1.15b1

References

protector.warcenter.se/article-53--0-0.html

www.securityfocus.com/archive/1/361300/2004-04-21/2004-04-27/0

www.securityfocus.com/bid/10206

www.waraxe.us/index.php?modname=sa&id=25

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.9%

JSON

Related for CVE-2004-1961

cvelist1 nvd1