Vulnerabilities > CVE-2004-2561 - Unspecified vulnerability in Internet Sofware Sciences Web+Center 4.0.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN internet-sofware-sciences
exploit available
Summary
Multiple SQL injection vulnerabilities in Internet Software Sciences Web+Center 4.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the ISS_TECH_CENTER_LOGIN cookie in search.asp and (2) one or more cookies in DoCustomerOptions.asp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Internet Software Sciences Web+Center 4.0.1 Cookie Object SQL Injection Vulnerability. CVE-2004-2561. Webapps exploit for asp platform |
| id | EDB-ID:24298 |
| last seen | 2016-02-02 |
| modified | 2004-07-21 |
| published | 2004-07-21 |
| reporter | Noam Rathaus |
| source | https://www.exploit-db.com/download/24298/ |
| title | Internet Software Sciences Web+Center 4.0.1 - Cookie Object SQL Injection Vulnerability |
References
- http://secunia.com/advisories/12121
- http://secunia.com/advisories/12121
- http://www.osvdb.org/8180
- http://www.osvdb.org/8180
- http://www.securiteam.com/windowsntfocus/5RP0N0ADGK.html
- http://www.securiteam.com/windowsntfocus/5RP0N0ADGK.html
- http://www.securityfocus.com/bid/10771
- http://www.securityfocus.com/bid/10771
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16775
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16775