Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026
CVE-2005-1017
CVE-2005-1017
Description
SQL injection vulnerability in the Update_Events function in events_functions.asp in MaxWebPortal 1.33 and earlier allows remote attackers to execute arbitrary SQL commands via the EVENT_ID parameter, as demonstrated using events.asp.
Affected products
2cpe:2.3:a:maxwebportal:maxwebportal:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:maxwebportal:maxwebportal:*:*:*:*:*:*:*:*range: <=1.33
- (no CPE)range: <=1.33
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/14752nvdPatchVendor Advisory
- securitytracker.com/idnvdPatch
- www.hackerscenter.com/archive/view.aspnvdExploit
- www.securityfocus.com/bid/12968nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/19928nvd
News mentions
0No linked articles in our index yet.