Vulnerability Description
Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dynix | Webpac | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-08/0354.html
- http://securitytracker.com/id?1011073
- http://www.osvdb.org/9274
- http://www.securityfocus.com/bid/11037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17128
- http://archives.neohapsis.com/archives/bugtraq/2004-08/0354.html
- http://securitytracker.com/id?1011073
- http://www.osvdb.org/9274
- http://www.securityfocus.com/bid/11037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17128
FAQ
What is CVE-2004-2542?
CVE-2004-2542 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to exec...
How severe is CVE-2004-2542?
CVE-2004-2542 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2542?
Check the references section above for vendor advisories and patch information. Affected products include: Dynix Webpac.