Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-1552

Description

SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.

Affected products

Fullrevolution/Aspwebcalendar
cpe:2.3:a:full_revolution:aspwebcalendar:4.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/11246nvdExploit
secunia.com/advisories/12651nvdVendor Advisory
marc.infonvd
secunia.com/advisories/24622nvd
www.securityfocus.com/bid/23098nvd
www.vupen.com/english/advisories/2007/1093nvd
exchange.xforce.ibmcloud.com/vulnerabilities/17506nvd
exchange.xforce.ibmcloud.com/vulnerabilities/33157nvd
www.exploit-db.com/exploits/3546nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000