22 matches found
EUVD-2014-5918
Malware in sbrugna...
EUVD-2021-28622
Malicious code in bioql PyPI...
EUVD-2021-28623
Malicious code in bioql PyPI...
CVE-2021-41608
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1...
ClassApps SelectSurvey.NET SQL Injection Vulnerability
Net is a survey software from ClassApps, Inc. built using Microsoft's cutting-edge . A SQL injection vulnerability exists in the ID parameter of the UploadedImageDisplay.aspx endpoint, which can be exploited by an unauthenticated attacker to retrieve data from the application's back-end database...
CVE-2021-41608
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1...
CVE-2021-41609
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
CVE-2021-41608
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1...
Sql injection
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
Arbitrary file deletion
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1...
CVE-2021-41608
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1...
CVE-2021-41608
CVE-2021-41608 affects ClassApps SelectSurvey.NET (pre-5.052.000) via the UploadedImageDisplay.aspx endpoint. The issue lets a remote, unauthenticated attacker retrieve survey user-submitted data by incrementing the ID parameter from 1 upward, exposing partial confidentiality of data. The vulnera...
CVE-2021-41609
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
CVE-2021-41609
The connected sources confirm a SQL injection vulnerability (CVE-2021-41609) in ClassApps SelectSurvey.NET; the ID parameter of UploadedImageDisplay.aspx allows remote, unauthenticated attackers to retrieve data from the backend DB via boolean-based blind and UNION injections. Affected software: ...
CVE-2014-6030
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow 1 remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or 2 remote authenticated users to execute arbitrary SQL commands via the SurveyID...
Sql injection
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow 1 remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or 2 remote authenticated users to execute arbitrary SQL commands via the SurveyID...
CVE-2014-6030
CVE-2014-6030 affects ClassApps SelectSurvey.NET before 4.125.002. It exposes multiple SQL injection flaws: unauthenticated via SurveyID in survey/ReviewReadOnlySurvey.aspx and authenticated via SurveyID in survey/UploadImagePopupToDb.aspx. Impact is arbitrary SQL execution (data disclosure/modif...
CVE-2014-6030
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow 1 remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or 2 remote authenticated users to execute arbitrary SQL commands via the SurveyID...
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
No description provided by source. Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp Version: 4.124.004 Test...
ClassApps SelectSurvey.net - Multiple SQL Injections
Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp Version: 4.124.004 Tested on: Windows 2008 R2/SQL Server...