CVE Vulnerabilities

CVE-2004-1552

Published: Dec 31, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.

Affected Software

Name Vendor Start Version End Version
Aspwebcalendar Full_revolution 4.5 (including) 4.5 (including)

References