Unrated severityNVD Advisory· Published Jun 16, 2003· Updated Apr 16, 2026

CVE-2003-0377

Description

SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP.

Affected products

Iisprotect/Iisprotect
cpe:2.3:a:iisprotect:iisprotect:*:*:*:*:*:*:*:*
Range: <=2.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

marc.infonvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000