Vulnerability Details CVE-2002-0581
WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html
- http://www.iss.net/security_center/static/8903.php
- http://www.securityfocus.com/bid/4555
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html
- http://www.iss.net/security_center/static/8903.php
- http://www.securityfocus.com/bid/4555
Products affected by CVE-2002-0581
-
cpe:2.3:a:workforceroi:xpede:4.1