CVE-2004-2324

2005-08-1604:00:00

mitre

www.cve.org

AI Score

7.6

Confidence

Low

EPSS

0.005

Percentile

76.8%

JSON

SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to modify the backend database via the (1) table and (2) field parameters in LinkClick.aspx.

References

archives.neohapsis.com/archives/fulldisclosure/2004-01/1161.html

secunia.com/advisories/10747

www.osvdb.org/3750

www.securityfocus.com/bid/9518

exchange.xforce.ibmcloud.com/vulnerabilities/14973