Lucene search
K

35 matches found

Prion
Prion
added 2008/02/20 9:44 p.m.15 views

Design/Logic Flaw

StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp...

6.4CVSS6.7AI score0.02552EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2008/02/20 9:0 p.m.46 views

CVE-2008-0843

StatCounteX 3.0 and 3.1 are affected by a vulnerability that allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp. The available sources corroborate the product/version and the existence of the flaw but do not provide detailed ro...

6.4CVSS6.2AI score0.02552EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2008/02/20 9:0 p.m.21 views

CVE-2008-0843

StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp...

6.2AI score0.02552EPSS
Exploits1References6
securityvulns
securityvulns
added 2008/02/15 12:0 a.m.36 views

StatCounteX 3.0 & 3.1 Admin Vulnerability

StatCounteX 3.0 & 3.1 Admin Vulnerability No need to exploit ; An attacker can follow /admin.asp link and edit the scripts configurations google dork : intitle:StatCounteX 3.1 Yцnetici SekoMirza From Turkiye !...

2.6AI score
Exploits0
CVE
CVE
added 2007/01/03 2:0 a.m.40 views

CVE-2006-6848

The CVE-2006-6848 entry describes an SQL injection in ASPTicker 1.0, exploiting admin.asp via PATH_INFO (possibly related to the Password parameter) to allow remote execution of arbitrary SQL. This conveys a remote, unauthenticated risk with potential data exposure or modification. No remediation...

7.5CVSS8.9AI score0.01042EPSS
Exploits0References5Affected Software1
0day.today
0day.today
added 2006/12/28 12:0 a.m.101 views

ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== ASPTicker 1.0 admin.asp Login ByPass SQL Injection Vulnerability ================================================================== Title : ASPTicker 1.0 admin.asp Remote...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/28 12:0 a.m.23 views

ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection Vulnerability

No description provided by source. Title : ASPTicker 1.0 admin.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.aspapps.com $$ : $ 17.00 SQL--------------------------------------------------------- http://target/path//admin.aspByPass Example:...

7.1AI score
Exploits0
NVD
NVD
added 2006/02/22 12:2 a.m.13 views

CVE-2006-0832

Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameter...

7.5CVSS8.5AI score0.01123EPSS
Exploits0References5
CVE
CVE
added 2006/02/22 12:0 a.m.45 views

CVE-2006-0832

The CVE-2006-0832 entry describes SQL injection vulnerabilities in WPC.easy’s admin.asp, allowing remote attackers to execute arbitrary SQL commands through the uid and pwd parameters. The provided data identifies the vulnerable component (admin.asp in WPC.easy) and the vulnerable inputs, but doe...

7.5CVSS8.5AI score0.01123EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/02/22 12:0 a.m.22 views

CVE-2006-0832

Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameter...

8.5AI score0.01123EPSS
Exploits0References5
CVE
CVE
added 2005/06/28 4:0 a.m.62 views

CVE-2005-2062

CVE-2005-2062 affects ActiveBuyAndSell 6.2. Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buye...

7.5CVSS8.9AI score0.01353EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2005/05/25 4:0 a.m.47 views

CVE-2005-1685

Episodex Guestbook is affected by an authentication bypass and unauthorized editing via admin.asp. Multiple sources (NVD/NVD-derived, OpenVAS NASL, Nessus plugin) describe an input-validation flaw in default.asp that enables remote, unauthenticated attackers to access admin functions and inject H...

7.5CVSS6.9AI score0.01728EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/05/25 4:0 a.m.16 views

CVE-2005-1685

episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp...

6.9AI score0.01728EPSS
Exploits0References1
NVD
NVD
added 2005/05/20 4:0 a.m.16 views

CVE-2005-1685

episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp...

7.5CVSS6.9AI score0.01728EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/05/20 12:0 a.m.5 views

PT-2005-2662 · Episodex · Episodex Guestbook

Name of the Vulnerable Software and Affected Versions: episodex guestbook affected versions not specified Description: The issue allows remote attackers to bypass authentication and edit scripts via a direct request to "admin.asp". This enables unauthorized access and modification of scripts,...

7.5CVSS6.7AI score0.01728EPSS
Exploits0References3
Rows per page
Query Builder