CVE-2004-1553
aspWebAlbum - SQL Injection via Username Field or Cat Parameter
Title source: llm
Exploitation Summary
EIP tracks 2 public exploits for CVE-2004-1553. PoCs published by e.wiZz!, Alemin_Krali.
AI-analyzed exploit summary: The exploit demonstrates multiple vulnerabilities in aspWebAlbum 3.2, including arbitrary file upload, admin bypass via SQL injection, and XSS. It provides clear URLs and parameters for exploitation.
Description
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action.
Exploits (2)
The exploit demonstrates multiple vulnerabilities in aspWebAlbum 3.2, including arbitrary file upload, admin bypass via SQL injection, and XSS. It provides clear URLs and parameters for exploitation.
This is a writeup detailing multiple vulnerabilities in aspWebAlbum 3.2, including arbitrary file upload, admin bypass, and XSS. It provides URLs and parameters for exploitation but does not include functional exploit code.