6 matches found
EUVD-2008-2044
Malware in sbrugna...
CVE-2009-4820
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb...
Sql injection
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 hpz/profil.asp and 2 hpz/prodetail.asp...
Cross site scripting
Cross-site scripting XSS vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter...
CVE-2008-2047
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 hpz/profil.asp and 2 hpz/prodetail.asp...
CVE-2008-2047
Angelo-Emlak 1.0 is affected by CVE-2008-2047 due to multiple SQL injection vulnerabilities in the id parameter of hpz/profil.asp and hpz/prodetail.asp. The underlying issue is unsanitized input in the id parameter allowing remote attackers to execute arbitrary SQL commands. CVSS shows a high imp...