CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2004-2067

HIGH
7.5
CVSS Severity Score
EPSS Score0.1340%
EPSS Percentile34.03th
Published2004年7月29日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters.

Affected Platforms (CPE)

📦
Jaws

Jaws

= 0.2
📦
Jaws

Jaws

= 0.3
📦
Jaws

Jaws

= 0.4

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=109116345930380&w=2
🔗 http://securitytracker.com/id?1010815
🔗 http://www.jaws.com.mx/index.php?gadget=blog&action=single_view&id=10
🔗 http://www.osvdb.org/8320
🔗 http://www.securityfocus.com/bid/10826
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16847
🔗 http://marc.info/?l=bugtraq&m=109116345930380&w=2
🔗 http://securitytracker.com/id?1010815

相關漏洞威脅

CVE-2016-200169.8

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI....

CVE-2006-32927.5

SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows remote attackers to execute arbitrary SQL commands via queri...

CVE-2019-253337.5

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access sys...

CVE-2004-24437.5

Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the M...