Vulnerabilities > CVE-2004-0304 - SQL Injection vulnerability in Webcortex Webstores 2000 6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | WebCortex WebStores2000 SQL Injection Vulnerability. CVE-2004-0304 . Webapps exploit for asp platform |
id | EDB-ID:22698 |
last seen | 2016-02-02 |
modified | 2003-05-31 |
published | 2003-05-31 |
reporter | Bosen |
source | https://www.exploit-db.com/download/22698/ |
title | WebCortex WebStores2000 SQL Injection Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | WEBSTORES_BROWSEITEMDETAILS_SQL_INJECTION.NASL |
description | The remote web server is running WebStores 2000, a set of ASP scripts designed to set up an e-commerce store. There is a flaw in the version of WebStores used on the remote host that may allow an attacker to make arbitrary SQL statements to the backend database. An attacker may be able to exploit this issue to add administrative accounts, execute arbitrary commands using the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11692 |
published | 2003-06-03 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11692 |
title | WebStores 2000 browse_item_details.asp SQL Injection |
code |
|