3 matches found
CVE-2004-1647
SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass authentication via 1 admin or Pass parameter to indexnext.asp, 2 LoginId, OPass, or NPass to CPassChangePassword.asp, 3 usersedit.asp, or 4 usersadd.asp...
CVE-2004-1647
Password Protect is vulnerable to SQL injection in multiple entry points. The CVE describes bypassing authentication and arbitrary SQL execution via parameters in ASP pages: (1) index_next.asp with admin/Pass, (2) CPassChangePassword.asp with LoginId, OPass, or NPass, (3) users_edit.asp, and (4) ...
CVE-2004-1647
SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass authentication via 1 admin or Pass parameter to indexnext.asp, 2 LoginId, OPass, or NPass to CPassChangePassword.asp, 3 usersedit.asp, or 4 usersadd.asp...