CVE-2004-2202

Name of the Vulnerable Software and Affected Versions DUclassified versions 4.0 through 4.2

Description The issue allows remote attackers to bypass authentication and execute commands on the server's underlying database. This can be achieved via the cat id or sub id parameters in "adDetail.asp", or the password parameter in the login form.

Recommendations For versions 4.0 through 4.2, consider restricting access to the adDetail.asp page and the login form until a patch is available. As a temporary workaround, avoid using the cat id, sub id, and password parameters in the affected API endpoints until the issue is resolved.