CVE-2004-2699

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
31/12/2004
Last modified:
03/04/2025

Description

deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:aspdotnetstorefront:aspdotnetstorefront:3.3:*:*:*:*:*:*:*