Vulnerabilities > CVE-2004-2542 - Undisclosed SQL Injection vulnerability in Dynix WebPac

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

dynix

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.

Vulnerable Configurations

Part	Description	Count
Application	Dynix Dynix Webpac *	1

References

http://archives.neohapsis.com/archives/bugtraq/2004-08/0354.html
http://securitytracker.com/id?1011073
http://www.osvdb.org/9274
http://www.securityfocus.com/bid/11037
https://exchange.xforce.ibmcloud.com/vulnerabilities/17128