1. Home
  2. CVE Database
  3. CVE-2004-1555
HIGH · 7.5

CVE-2004-1555

Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter t...

Vulnerability Description

Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Broadboard InstantAsp Message BoardAll versions

References

FAQ

What is CVE-2004-1555?

CVE-2004-1555 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter t...

How severe is CVE-2004-1555?

CVE-2004-1555 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-1555?

Check the references section above for vendor advisories and patch information. Affected products include: Broadboard Instant Asp Message Board.