13 matches found
EUVD-2014-5918
Malware in sbrugna...
ClassApps SelectSurvey.NET SQL Injection Vulnerability
Net is a survey software from ClassApps, Inc. built using Microsoft's cutting-edge . A SQL injection vulnerability exists in the ID parameter of the UploadedImageDisplay.aspx endpoint, which can be exploited by an unauthenticated attacker to retrieve data from the application's back-end database...
ClassApps SelectSurvey.NET SQL注入漏洞
Net is a survey software from ClassApps, Inc. built using Microsoft's cutting-edge . A SQL injection vulnerability exists in the ID parameter of the UploadedImageDisplay.aspx endpoint, which can be exploited by an unauthenticated attacker to retrieve data from the application's back-end database...
CVE-2014-6030
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow 1 remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or 2 remote authenticated users to execute arbitrary SQL commands via the SurveyID...
Sql injection
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow 1 remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or 2 remote authenticated users to execute arbitrary SQL commands via the SurveyID...
CVE-2014-6030
CVE-2014-6030 affects ClassApps SelectSurvey.NET before 4.125.002. It exposes multiple SQL injection flaws: unauthenticated via SurveyID in survey/ReviewReadOnlySurvey.aspx and authenticated via SurveyID in survey/UploadImagePopupToDb.aspx. Impact is arbitrary SQL execution (data disclosure/modif...
CVE-2014-6030
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow 1 remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or 2 remote authenticated users to execute arbitrary SQL commands via the SurveyID...
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
No description provided by source. Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp Version: 4.124.004 Test...
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...
ClassApps SelectSurvey.net - Multiple SQL Injections
Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp Version: 4.124.004 Tested on: Windows 2008 R2/SQL Server...
ClassApps SelectSurvey.net - Multiple SQL Injections
ClassApps SelectSurvey.net - Multiple SQL Injections Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...
ClassApps SelectSurvey.net 4.124.004 SQL Injection
Details ========== Software: ClassApps SelectSurvey.net Description: Multiple SQL Injection Vulnerabilities Version: 4.124.004 Homepage: https://www.classapps.com/SelectSurveyNETOverview.asp Vendor Fix: 4.125.002 CVE: 2014-6030 Timeline ========== Aug 28 2014 - Vendor Notified Aug 28 2014 - CVE...
SelectSurvey CMS (ASP.NET) Arbitrary File Upload
No description provided by source. ============================================================= SelectSurvey CMS ASP.NET Shell Upload Vulnerability ============================================================= Exploit Title: SelectSurvey.NETv4 CMS ASP.NET Shell Upload Vulnerability DDate:...