Vulnerabilities > CVE-2006-2848 - Remote Security Bypass vulnerability in Full Revolution Aspweblinks 2.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

full-revolution

exploit available

NVD

Published: 2006-06-06

Updated: 2018-10-18

Summary

links.asp in aspWebLinks 2.0 allows remote attackers to change the administrative password, possibly via a direct request with a modified txtAdministrativePassword field.

Vulnerable Configurations

Part	Description	Count
Application	Full_Revolution Full Revolution Aspweblinks 2.0	1

Exploit-Db

description	aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change Exploit. CVE-2006-2847,CVE-2006-2848. Webapps exploit for asp platform
file	exploits/asp/webapps/1859.html
id	EDB-ID:1859
last seen	2016-01-31
modified	2006-06-01
platform	asp
port
published	2006-06-01
reporter	ajann
source	https://www.exploit-db.com/download/1859/
title	aspWebLinks 2.0 - Remote SQL Injection / Admin Pass Change Exploit
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References