Cross-site Scripting Vulnerability in Password Protect by Password Protect
CVE-2004-1648

Currently unrated

Key Information:

Vendor

Web Animations

Status
Password Protect
Vendor
CVE Published:
31 August 2004

What is CVE-2004-1648?

The Password Protect application has a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This is possible through the manipulation of the ShowMsg parameter in specific ASP files such as index.asp, ChangePassword.asp, users_list.asp, and users_add.asp. Successful exploitation of this vulnerability can lead to unauthorized script execution in the context of the user's session, potentially compromising sensitive information and undermining user trust.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17187
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/11073
vdb-entryx_refsource_BID
http://marc.info/?l=bugtraq&m=109414967003192&w=2
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.