Lucene search

[email protected]NVD:CVE-2004-1552

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1552

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.

Affected configurations

NVD

Node

full_revolutionaspwebcalendarMatch4.5

References

marc.info/?l=bugtraq&m=109604910025090&w=2

secunia.com/advisories/12651

secunia.com/advisories/24622

www.securityfocus.com/bid/11246

www.securityfocus.com/bid/23098

www.vupen.com/english/advisories/2007/1093

exchange.xforce.ibmcloud.com/vulnerabilities/17506

exchange.xforce.ibmcloud.com/vulnerabilities/33157

www.exploit-db.com/exploits/3546

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for NVD:CVE-2004-1552

nessus1 cve1 cvelist1