CVE-2004-0304

Webcortex Webstores 2000 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Bosen · perlwebappsasp

https://www.exploit-db.com/exploits/22698

View Code ZIP pw:eip

References (4)

[Various Sources] http://www.s-quadra.com/advisories/Adv-20040218.txt

[Mailing List] http://marc.info/?l=bugtraq&m=107712159425226&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15253

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/7766

Scores

EPSS 0.0148

EPSS Percentile 81.1%

Details

Status published

Products (1)

webcortex/webstores_2000 6.0

Published Nov 23, 2004

Tracked Since Feb 18, 2026