Vulnerabilities > CVE-2004-1843 - SQL Injection vulnerability in Expinion.net Member Management System ID Parameter
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Expinion.net Member Management System 2.1 resend.asp ID Parameter SQL Injection. CVE-2004-1843. Webapps exploit for asp platform id EDB-ID:23852 last seen 2016-02-02 modified 2004-03-20 published 2004-03-20 reporter Manuel Lopez source https://www.exploit-db.com/download/23852/ title Expinion.net Member Management System 2.1 resend.asp ID Parameter SQL Injection description Expinion.net Member Management System 2.1 news_view.asp ID Parameter SQL Injection. CVE-2004-1843. Webapps exploit for asp platform id EDB-ID:23851 last seen 2016-02-02 modified 2004-03-20 published 2004-03-20 reporter Manuel Lopez source https://www.exploit-db.com/download/23851/ title Expinion.net Member Management System 2.1 news_view.asp ID Parameter SQL Injection