16 matches found
EUVD-2008-5250
Malware in sbrugna...
EUVD-2008-5251
Malware in sbrugna...
CVE-2008-6739
Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request...
Design/Logic Flaw
Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request...
CVE-2008-6739
CVE-2008-6739 affects Todd Woolums ASP Download management script 1.03. The issue is that setupdownload.asp does not require authentication, allowing a remote attacker to obtain administrator privileges via a direct request. The documented impact is elevation to administrator access, with exploit...
CVE-2008-6739
Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request...
CVE-2008-5274
Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to 1 rss.asp, 2 viewheadings.asp, or 3 viewnews.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-5273
SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter...
Sql injection
SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter...
CVE-2008-5273
SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter...
CVE-2008-5273
The CVE-2008-5273 entry describes an SQL injection vulnerability in viewnews.asp of Todd Woolums ASP News Management 2.2, exploitable via the newsID parameter to execute arbitrary SQL commands remotely. Connected records confirm affected software/version and the underlying cause (unsafely handled...
CVE-2008-5274
CVE-2008-5274 affects Todd Woolums ASP News Management 2.2. The vulnerability allows remote attackers to obtain news items via direct requests to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp). The underlying issue is information disclosure through access to these pages, resulting in par...
CVE-2008-4511
Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request...
CVE-2008-4511
Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request...
CVE-2008-4511
CVE-2008-4511 concerns Todd Woolums ASP News Management, version likely 2.21, which stores db/news.mdb under the web root with insufficient access control. The described vulnerability enables remote attackers to obtain sensitive information via a direct request, indicating a confidentiality impac...
ASP Download 1.03 - Arbitrary Change Administrator Account
ASP Download 1.03 - Arbitrary Change Administrator Account \ ASPDownload v 1.03 Remote Admin Bypass Exploit / \ / / + Author : Underz0ne Crew + Script : ASPDownload v 1.03 + Risk : High + Script URL : http://www.toddwoolums.com/aspdownload.asp + Dork : Powered by AspDownload --//-- Exploit Area :...