Web Animations : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter.
Max CVSS
4.3
EPSS Score
0.68%
Published
2004-08-31
Updated
2017-07-11
SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass authentication via (1) admin or Pass parameter to index_next.asp, (2) LoginId, OPass, or NPass to CPassChangePassword.asp, (3) users_edit.asp, or (4) users_add.asp.
Max CVSS
7.5
EPSS Score
0.18%
Published
2004-08-30
Updated
2017-07-11
2 vulnerabilities found