CVE-2010-4356

SQL injection vulnerability in newsdefault.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter...

CVE-2009-0252

Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the 1 Login parameter aka username field or the 2 Password parameter aka password field. NOTE: some of these details are obtained from third party...

Merlix Teamworx Server - File Disclosure/Bypass

Merlix Teamworx Server DD/Bypass Multiple Remote Vuln. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ----------------------------------------------------------...

ASP Download 1.03 - Arbitrary Change Administrator Account

ASP Download 1.03 - Arbitrary Change Administrator Account \ ASPDownload v 1.03 Remote Admin Bypass Exploit / \ / / + Author : Underz0ne Crew + Script : ASPDownload v 1.03 + Risk : High + Script URL : http://www.toddwoolums.com/aspdownload.asp + Dork : Powered by AspDownload --//-- Exploit Area :...

CVE-2007-6496

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to register arbitrary users via a request to hosting/addsubsite.asp with the loginname and password parameters set, when preceded by certain requests to hosting/default.asp and hosting/selectdomain.asp, a related issue to...

CVE-2002-2073

Cross-site scripting XSS vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 ctr parameter in Default.asp and 2 the query string to formslogin.asp...