返回 CVE 瀏覽器

CVE-2004-1668

HIGH

7.5

CVSS Severity Score

EPSS Score0.0650%

EPSS Percentile9.66th

Published2004年9月10日

Last Modified2026年4月16日

Vulnerability Description

Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters.

Affected Platforms (CPE)

📦

Easyweb

Factory Subjects Module

= 2.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=109483089621955&w=2

🔗 http://secunia.com/advisories/12497

🔗 http://www.securityfocus.com/bid/11148

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17311

🔗 http://marc.info/?l=bugtraq&m=109483089621955&w=2

🔗 http://secunia.com/advisories/12497

🔗 http://www.securityfocus.com/bid/11148

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17311

相關漏洞威脅

CVE-2004-044410.0

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal F...

CVE-2004-000210.0

The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaust...

CVE-2004-176010.0

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not ...

CVE-2004-003910.0

Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54...