CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Factosystem: >> Factosystem Weblog >> 1.0_beta Security Vulnerabilities

CVE-2002-1499

Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) the email parameter in holdcomment.asp.

CVSS Score

7.5

EPSS Score

0.005

Published

2003-04-02

Page 1

Vulnerabilities

Vulnerable Software

Factosystem: >> Factosystem Weblog >> 1.0_beta Security Vulnerabilities

Products

Pricing

Contact Us