35 matches found
EUVD-2006-6831
Malware in sbrugna...
EUVD-2006-0838
Malware in sbrugna...
EUVD-2005-2064
Malware in sbrugna...
EUVD-2006-6811
Malware in sbrugna...
CVE-2018-18776
CVE-2018-18776 concerns MicroStrategy Web 7, where an XSS vulnerability arises because input is not sufficiently encoded. The issue is exploitable via the admin/admin.asp ShowAll parameter, enabling a cross-site scripting attack. The product is deprecated, and multiple external sources (including...
Sql injection
admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp...
CVE-2018-14960
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp...
Cross site request forgery (csrf)
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp...
CVE-2018-14960
CVE-2018-14960 affects Xiao5uCompany 1.7. The vulnerability is a CSRF via admin/Admin.asp, allowing remote attackers to add administrator or other user accounts (per CNVD CNVD-2018-17499). Impact and exploit details: the CSRF could compromise account management, potentially affecting all users th...
CVE-2018-14960
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp...
Authentication flaw
West Wind Web Server 6.x does not require authentication for /ADMIN.ASP...
CVE-2018-6569
West Wind Web Server 6.x is affected: the /ADMIN.ASP page can be accessed without authentication, allowing an attacker to perform actions with potential program execution, termination, data disclosure, or DoS as described in linked CVE records. This is supported by multiple sources (CVE-2018-6569...
My School Script Data Base Download Vulnerability
No description provided by source. ======================================================================================== | Title : My School Script Data Base Download Vulnerability | Author : indoushka | Home : www.iqs3cur1ty.com | Bug : DB ====================== Exploit By indoushka...
GuangAnSiheng /admin/admin.asp 登录绕过漏洞
No description provided by source...
Sql injection
Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 ID parameter to demo/classifieds/product.asp, or 2 UserID or 3 Password field to demo/classifieds/admin.asp...
ezCourses - admin.asp Security Bypass
ezCourses - admin.asp Security Bypass source: https://www.securityfocus.com/bid/49907/info ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. Attackers could exploit the issue to bypass certain security restrictions and add or change t...
B2B Horizontal Marketplace Creator 2.0 SQL Injection
--------------------------------------------------------- Portal Name: B2B Horizontal Marketplace Creator Version: 2.0 Vendor: http://www.etoshop.com Author : PouyaServer , [email protected] Website: http://Pouya-Server.ir Vulnerability : Auth Bypass SQL Injection Vulnerability...
Sql injection
Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via 1 the user parameter aka UserName field or 2 the pass parameter aka Pass field to a admin/admin.asp or b the default URI under admin/. NOTE: some of these detai...
CVE-2009-0447
Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via 1 the user parameter aka UserName field or 2 the pass parameter aka Pass field to a admin/admin.asp or b the default URI under admin/. NOTE: some of these detai...
Sql injection
Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 hitcounter.asp, 2 userdelete.asp, and 3 userupdate.asp; 4 the userid parameter to adminlogin.asp aka the USERNAME field in admin.asp; and 5 the PassWord paramete...