Vulnerability Details CVE-2004-1588
SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=109751522823011&w=2
- http://secunia.com/advisories/12790/
- http://www.securityfocus.com/bid/11361
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17678
- http://marc.info/?l=bugtraq&m=109751522823011&w=2
- http://secunia.com/advisories/12790/
- http://www.securityfocus.com/bid/11361
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17678
Products affected by CVE-2004-1588
-
cpe:2.3:a:gosmart:gosmart_message_board:*