Lucene search
K

213 matches found

Packet Storm
Packet Storm
added 2010/02/08 12:0 a.m.18 views

LDF SQL Injection

Product : LDF vendor : www.ldf.22.cn Vulnerable Versions : All Default.asp Page has an issue on validating "Page" parameter , It could be exploited by attacker & attacker can inject arbitrary Sql Commands http://www.example.com/ldf path/default.asp?page=SQL COMMAND...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2009/11/17 12:0 a.m.16 views

ActiveBids (default.asp) Blind SQL Injection Vulnerability

No description provided by source. ActiveBids default.asp Blind SQL Injection Vulnerability Author : Hussin X Home : www.IQ-TY.com email : [email protected] Vendor : http://www.activewebsoftwares.com Demo : http://server/default.asp?catid=39+and+1=1 true http://server/default.asp?catid=39+and+1=...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/11/17 12:0 a.m.15 views

ActiveBids (default.asp) Blind SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================== ActiveBids default.asp Blind SQL Injection Vulnerability ========================================================== ActiveBids default.asp Blind SQL Injection Vulnerability Vendor ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/17 12:0 a.m.27 views

ActiveBids - 'default.asp' Blind SQL Injection

ActiveBids default.asp Blind SQL Injection Vulnerability Author : Hussin X Home : www.IQ-TY.com email : [email protected] Vendor : http://www.activewebsoftwares.com Demo : http://server/default.asp?catid=39+and+1=1 true http://server/default.asp?catid=39+and+1=0 false :: test ::...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/17 12:0 a.m.20 views

ActiveTrade 2.0 - 'default.asp' Blind SQL Injection

Active Trade 2.0default.asp Blind SQL Injection Vulnerability Author : Hussin X Home : www.IQ-TY.com email : [email protected] Vendor : http://www.activewebsoftwares.com Demo : http://server/default.asp?catid=39+and+1=1 true http://server/default.asp?catid=39+and+1=0 false Greetz : WwW.IQ-ty.CoM...

7AI score
Exploits0
exploitpack
exploitpack
added 2009/11/17 12:0 a.m.8 views

ActiveTrade 2.0 - default.asp Blind SQL Injection

ActiveTrade 2.0 - default.asp Blind SQL Injection Active Trade 2.0default.asp Blind SQL Injection Vulnerability Author : Hussin X Home : www.IQ-TY.com email : [email protected] Vendor : http://www.activewebsoftwares.com Demo : http://server/default.asp?catid=39+and+1=1 true...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2009/11/17 12:0 a.m.9 views

ActiveBids - default.asp Blind SQL Injection

ActiveBids - default.asp Blind SQL Injection ActiveBids default.asp Blind SQL Injection Vulnerability Author : Hussin X Home : www.IQ-TY.com email : [email protected] Vendor : http://www.activewebsoftwares.com Demo : http://server/default.asp?catid=39+and+1=1 true...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2009/05/19 12:0 a.m.34 views

WoDig社区程序Default.asp页面过滤不严导致SQL注入漏洞

WODIG是一套经过完善设计的中文DIGG社区开源程序,是Windows NT服务环境下DIGG社区程序的最佳解决方案。 在文件Default.asp中: tagsname = Request"tagsname" //第33行 …… %Call Default.GetMainPP"Default.asp"% //第157行 GetMainPP过程在文件wolib/ clsclass.asp中: Public Sub GetMainPPpageurl //第827行 …… if tagsname "" then //第839行 Sql = Sql & " and SrcID inSelec...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/04/13 12:0 a.m.41 views

Simbas CMS 2.0 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. ----------------------------------------------------- ----------------------------------------------------- Simbas Content Management System auth Bypass Remote Sql Injecion ----------------------------------------------------- Founder: ThE g0bL!NDz Home:...

7.1AI score
Exploits0
Prion
Prion
added 2009/04/08 10:30 a.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in QuickerSite 1.8.5 allow remote attackers to inject arbitrary web script or HTML via 1 the close parameter to showThumb.aspx; 2 SBredirect and 3 SBfeedback parameters in processsend.asp, as reachable through default.asp; 4 paramCode and 5 cColor...

4.3CVSS6.1AI score0.01718EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2009/04/08 10:0 a.m.22 views

CVE-2008-6675

Multiple cross-site scripting XSS vulnerabilities in QuickerSite 1.8.5 allow remote attackers to inject arbitrary web script or HTML via 1 the close parameter to showThumb.aspx; 2 SBredirect and 3 SBfeedback parameters in processsend.asp, as reachable through default.asp; 4 paramCode and 5 cColor...

5.8AI score0.01718EPSS
Exploits1References6
Prion
Prion
added 2009/04/07 2:17 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Shader TV Beta allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to 1 kanal.asp, 2 google.asp, and 3 hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the 4 username or 5...

6.5CVSS9.1AI score0.00852EPSS
Exploits1References3
NVD
NVD
added 2009/03/02 7:30 p.m.14 views

CVE-2008-6389

SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information...

7.5CVSS8.4AI score0.00973EPSS
Exploits1References3
CVE
CVE
added 2009/03/02 7:0 p.m.65 views

CVE-2008-6369

The CVE-2008-6369 entry concerns a SQL injection in Ocean12 Contact Manager Pro 1.02. The affected component is default.asp, where the Sort parameter enables remote attackers to execute arbitrary SQL commands. The language in the connected records confirms the vulnerability class and affected pro...

7.5CVSS8.7AI score0.01003EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2009/03/02 7:0 p.m.47 views

CVE-2008-6389

The CVE-2008-6389 entry concerns a SQL injection in Rae Media Contact Management Software (SOHO, Standard, Enterprise) via asadmin/default.asp, exploited through the Password parameter. Root cause: improper handling of input in the Password field leads to arbitrary SQL execution by remote attacke...

7.5CVSS8.7AI score0.00973EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/03/02 7:0 p.m.25 views

CVE-2008-6389

SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information...

8.4AI score0.00973EPSS
Exploits1References3
CVE
CVE
added 2009/02/24 6:0 p.m.37 views

CVE-2008-6257

OpenASP 3.0 and earlier are affected by a SQL injection in default.asp (pages module) via the idpage parameter, allowing remote execution of arbitrary SQL commands. Root cause: unsafe SQL construction in the pages module. Affected: Openasp 3.0 and earlier. CVSS indicates high impact with partial ...

7.5CVSS8.7AI score0.00973EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/02/05 12:30 a.m.15 views

Sql injection

SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter...

7.5CVSS9.1AI score0.01836EPSS
Exploits1References2
Prion
Prion
added 2009/01/27 1:30 a.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to 1 default.asp and 2 sedit.asp...

7.5CVSS9.3AI score0.01142EPSS
Exploits1References4
CVE
CVE
added 2009/01/27 1:0 a.m.51 views

CVE-2008-5979

CVE-2008-5979 describes a cross-site scripting (XSS) vulnerability in default.asp of Ocean12 Mailing List Manager Gold. The flaw allows remote attackers to inject arbitrary web script or HTML via the Email parameter, enabling potential session hijacking or defacement depending on the context and ...

4.3CVSS5.9AI score0.01684EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder