2 matches found
CVE-2010-4144
CVE-2010-4144 describes a SQL injection vulnerability in radyo.asp of Kisisel Radyo Script, allowing remote attackers to execute arbitrary SQL via the Id parameter. Impact and affected versions are not elaborated in the provided documents. No remediation/patch details are present in the connected...
CVE-2010-4145
CVE-2010-4145 concerns Kisisel Radyo Script, where sensitive data is stored under the web root with insufficient access control. This allows remote attackers to download the database sevvo/eco23.mdb via a direct request. The vulnerability is rooted in improper access controls exposing a database ...