← CVECheck
HomeVulnerabilities

CVE-2003-0377 — HIGH severity vulnerability (SQL injection vulnerability in the web-based administration)

SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP.

CVE IDCVE-2003-0377
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWECWE-89
StatusModified
Published2003-06-16
Last modified2026-04-16
DescriptionSQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →