8 matches found
CVE-2004-2057
SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements...
CVE-2004-2059
CVE-2004-2059 : The provided documents describe multiple cross-site scripting vulnerabilities in ASPrunner 2.4 . The flaws allow remote attackers to inject arbitrary web script or HTML via four input vectors: (1) the SearchFor parameter in [TABLE-NAME]_search.asp, (2) the SQL parameter in [TABLE-...
CVE-2004-2057
CVE-2004-2057 affects ASPrunner, specifically version 2.4. The vulnerability is described as a SQL injection that would let remote attackers execute arbitrary SQL statements. The provided connected documents confirm the flaw exists in ASPrunner 2.4 and indicate multiple issues in older ASPrunner ...
CVE-2004-2058
CVE-2004-2058 affects ASPrunner 2.4, where a remote attacker can disclose sensitive information via (1) hidden form fields or (2) error messages. The core description in the CVE entry is that ASPRunner 2.4 allows information disclosure to unauthenticated remote actors. Connected documents corrobo...
CVE-2004-2059
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 SearchFor parameter in TABLE-NAMEsearch.asp, 2 SQL parameter in TABLE-NAMEedit.asp, 3 SearchFor parameter in TABLElist.asp, or 4 SQL parameter in export.asp...
CVE-2004-2057
SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements...
CVE-2004-2059
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 SearchFor parameter in TABLE-NAMEsearch.asp, 2 SQL parameter in TABLE-NAMEedit.asp, 3 SearchFor parameter in TABLElist.asp, or 4 SQL parameter in export.asp...
CVE-2004-2058
ASPRunner 2.4 allows remote attackers to gain sensitive information via 1 hidden form fields or 2 error messages...