Vulnerabilities > CVE-2004-1952 - SQL Injection vulnerability in Advanced Guestbook Advanced Guestbook 2.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
advanced-guestbook
exploit available
NVD
Published: 2004-04-23
Updated: 2017-07-11

Summary

SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password.

Vulnerable Configurations

Part Description Count
Application
Advanced_Guestbook
1

Exploit-Db

descriptionAdvanced Guestbook 2.2 Password Parameter SQL Injection Vulnerability. CVE-2004-1952. Webapps exploit for php platform
idEDB-ID:24050
last seen2016-02-02
modified2004-04-23
published2004-04-23
reporterJQ
sourcehttps://www.exploit-db.com/download/24050/
titleAdvanced Guestbook 2.2 Password Parameter SQL Injection Vulnerability

References