35 matches found
Design/Logic Flaw
StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp...
CVE-2008-0843
StatCounteX 3.0 and 3.1 are affected by a vulnerability that allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp. The available sources corroborate the product/version and the existence of the flaw but do not provide detailed ro...
CVE-2008-0843
StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp...
StatCounteX 3.0 & 3.1 Admin Vulnerability
StatCounteX 3.0 & 3.1 Admin Vulnerability No need to exploit ; An attacker can follow /admin.asp link and edit the scripts configurations google dork : intitle:StatCounteX 3.1 Yцnetici SekoMirza From Turkiye !...
CVE-2006-6848
The CVE-2006-6848 entry describes an SQL injection in ASPTicker 1.0, exploiting admin.asp via PATH_INFO (possibly related to the Password parameter) to allow remote execution of arbitrary SQL. This conveys a remote, unauthenticated risk with potential data exposure or modification. No remediation...
ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== ASPTicker 1.0 admin.asp Login ByPass SQL Injection Vulnerability ================================================================== Title : ASPTicker 1.0 admin.asp Remote...
ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection Vulnerability
No description provided by source. Title : ASPTicker 1.0 admin.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.aspapps.com $$ : $ 17.00 SQL--------------------------------------------------------- http://target/path//admin.aspByPass Example:...
CVE-2006-0832
Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameter...
CVE-2006-0832
The CVE-2006-0832 entry describes SQL injection vulnerabilities in WPC.easy’s admin.asp, allowing remote attackers to execute arbitrary SQL commands through the uid and pwd parameters. The provided data identifies the vulnerable component (admin.asp in WPC.easy) and the vulnerable inputs, but doe...
CVE-2006-0832
Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameter...
CVE-2005-2062
CVE-2005-2062 affects ActiveBuyAndSell 6.2. Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buye...
CVE-2005-1685
Episodex Guestbook is affected by an authentication bypass and unauthorized editing via admin.asp. Multiple sources (NVD/NVD-derived, OpenVAS NASL, Nessus plugin) describe an input-validation flaw in default.asp that enables remote, unauthenticated attackers to access admin functions and inject H...
CVE-2005-1685
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp...
CVE-2005-1685
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp...
PT-2005-2662 · Episodex · Episodex Guestbook
Name of the Vulnerable Software and Affected Versions: episodex guestbook affected versions not specified Description: The issue allows remote attackers to bypass authentication and edit scripts via a direct request to "admin.asp". This enables unauthorized access and modification of scripts,...