Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1)

Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection 1 source: https://www.securityfocus.com/bid/8159/info It has been reported that VP-ASP does not sufficiently sanitize user input passed to the shopexd.asp script contained in the software. As a result, it may be possible for remote...

PHP-Board 1.0 - User Password Disclosure

source: https://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to php-board user and administrative...

CVE-2002-0107

Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked in the error message...