https://www.exploit-db.com/exploits/24420
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200408-231

PasswordProtect存在SQL注入漏洞。远程攻击者借助(1)index_next.asp的admin或者Pass参数，(2)CPassChangePassword.asp的LoginId，OPass，或者NPassCPassChangePassword.asp，(3)users_edit.asp，或者(4)users_add.asp执行任意SQL语句和绕过认证。

source: http://www.securityfocus.com/bid/11073/info

Password Protect is reported prone to a multiple cross-site scripting and SQL injection vulnerabilities. These issues occur due to insufficient sanitization of user-supplied input. Successful exploitation of these issues may result in arbitrary HTML and script code execution and/or compromise of the underlying database.

It is reported that these issues could be exploited to gain unauthorized administrative access to the application.

All versions of Password Protect are considered vulnerable to these issues. 

SQL injection

/adminSection/index_next.asp?admin = (SQLInjection) Pass = (SQLInjection)

/adminSection/ChangePassword.asp?LoginId=(SQLInjection) OPass=(SQLInjection) NPass=(SQLInjection) CPass=(SQLInjection)

Cross-site scripting:
/adminSection/index.asp?ShowMsg=(XSS)
/adminSection/ChangePassword.asp?ShowMsg=(XSS)
/adminSection/users_list.asp?ShowMsg=(XSS)
/adminSection/users_add.asp?ShowMsg=(XSS)

来源:XF
名称:password-protect-sql-injection(17188)
链接:http://xforce.iss.net/xforce/xfdb/17188
来源:BID
名称:11073
链接:http://www.securityfocus.com/bid/11073
来源:www.criolabs.net
链接:http://www.criolabs.net/advisories/passprotect.txt
来源:SECUNIA
名称:12407
链接:http://secunia.com/advisories/12407
来源:BUGTRAQ
名称:20040830PasswordProtectXSSandSQL-Injectionvulnerabilities.
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=109414967003192&w;=2