← CVECheck
HomeVulnerabilities

CVE-2004-1846 — HIGH severity vulnerability (Multiple SQL injection vulnerabilities in News Manager Lite)

Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp.

CVE IDCVE-2004-1846
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-03-20
Last modified2026-04-16
DescriptionMultiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →