CVE-2004-0304

SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.

Published: Nov 23, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0304
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
webcortex / webstores_2000	6.0	6.0.x

http://marc.info/?l=bugtraq&m=107712159425226&w=2
http://www.s-quadra.com/advisories/Adv-20040218.txt
http://www.securityfocus.com/bid/7766
https://exchange.xforce.ibmcloud.com/vulnerabilities/15253

Vulnerability Database

290,273

CVE-2004-0304