Lucene search
K

6 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

ASPSitem <= 2.0 - Remote (SQL Injection / DB Disclosure) Vulnerabilities

No description provided by source. ASPSitem = 2.0 Multiple Vulnerabilities. Contacts ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on ASPSitem = 2.0. Original advisory can be found at: http://www.nukedx.com/?viewdoc=39 SQL injection - GET -...

7.1AI score
Exploits0
Prion
Prion
added 2006/06/03 1:2 a.m.16 views

Code injection

Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter...

7.8CVSS7AI score0.02975EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2006/06/03 1:2 a.m.13 views

Sql injection

SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter...

7.5CVSS9.1AI score0.01323EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2006/06/03 1:0 a.m.38 views

CVE-2006-2793

CVE-2006-2793 describes an SQL injection vulnerability in Anket.asp within ASPSitem 2.0 and earlier. The hid parameter is injectable, allowing remote attackers to execute arbitrary SQL commands. Affected software: ASPSitem 2.0 and earlier (Anket.asp). Impact: information disclosure/integrity/avai...

7.5CVSS8.4AI score0.01323EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2006/06/03 1:0 a.m.45 views

CVE-2006-2794

CVE-2006-2794 affects Hesabim.asp in ASPSitem 2.0 and earlier. The underlying issue is insufficient access control: a modified id parameter lets remote attackers read private messages of other users. Documented impact is confidential data disclosure; no explicit patch/version remediation is provi...

7.8CVSS6.6AI score0.02975EPSS
Exploits1References5Affected Software1
Exploit DB
Exploit DB
added 2006/05/28 12:0 a.m.35 views

ASPSitem 2.0 - SQL Injection / Database Disclosure

ASPSitem ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on ASPSitem GET - http://victim/ASPSitemDir/Anket.asp?hid=SQL EXAMPLE - http://victim/ASPSitemDir/Anket.asp?hid=4%20union%20select%20sifre,0%20from%20uyeler%20where%20 id%20like%201 with this example remote...

7.4AI score
Exploits0
Rows per page
Query Builder