CVE Vulnerabilities

CVE-2004-2067

Published: Jul 29, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters.

Affected Software

Name Vendor Start Version End Version
Jaws Jaws 0.2 0.2
Jaws Jaws 0.3 0.3
Jaws Jaws 0.4 0.4

References