Lucene search

[email protected]CVE-2004-2057

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2057

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2057

sql injection

asprunner 2.4

remote attackers

execute

arbitrary sql statements

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.3%

JSON

SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements.

CPENameOperatorVersion
xlinesoft:asprunnerxlinesoft asprunnereq2.0
xlinesoft:asprunnerxlinesoft asprunnereq2.1
xlinesoft:asprunnerxlinesoft asprunnereq2.4
xlinesoft:asprunnerxlinesoft asprunnereq2.3
xlinesoft:asprunnerxlinesoft asprunnereq2.2
xlinesoft:asprunnerxlinesoft asprunnereq1.0

CPE	Name	Operator	Version
xlinesoft:asprunner	xlinesoft asprunner	eq	2.0
xlinesoft:asprunner	xlinesoft asprunner	eq	2.1
xlinesoft:asprunner	xlinesoft asprunner	eq	2.4
xlinesoft:asprunner	xlinesoft asprunner	eq	2.3
xlinesoft:asprunner	xlinesoft asprunner	eq	2.2
xlinesoft:asprunner	xlinesoft asprunner	eq	1.0

References

archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.html

ferruh.mavituna.com/article/?574

marc.info/?l=bugtraq&m=109086977330418&w=2

secunia.com/advisories/12164

securitytracker.com/id?1010777

www.osvdb.org/8251

www.securityfocus.com/bid/10799

exchange.xforce.ibmcloud.com/vulnerabilities/16799

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2004-2057

nessus1