Vulnerabilities > CVE-2002-1699 - SQL Injection vulnerability in Pascal Michaud ASP Client Check 1.3/1.5

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

pascal-michaud

critical

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.

Vulnerable Configurations

Part	Description	Count
Application	Pascal_Michaud Pascal Michaud ASP Client Check 1.3 Pascal Michaud ASP Client Check 1.5	2

References

http://www.osvdb.org/21558
http://www.securiteam.com/windowsntfocus/5BP031P75C.html
http://www.securityfocus.com/bid/4676
https://exchange.xforce.ibmcloud.com/vulnerabilities/9015