CVE-2009-5103

The CVE-2009-5103 entry concerns ATCOM Netvolution 1.0 ASP with a Cross-Site Scripting (XSS) vulnerability exploitable via the email variable. Connected sources corroborate an XSS condition but do not provide concrete remediation steps, affected software versions beyond 1.0 ASP, or exploit status...

CVE-2011-3340

CVE-2011-3340 affects Netvolution CMS 2.5.8 (ASP) where the HTTP Referer header parsing allows blind SQL injection. The vulnerability enables remote attackers to alter content, exfiltrate data (usernames, plaintext passwords), and potentially execute commands on the database server without authen...

CVE-2009-5102

CVE-2009-5102 affects ATCOM Netvolution 1.0 ASP. The vulnerability is in default.asp and allows SQL injection via the bpe_nid parameter, enabling remote attackers to execute arbitrary SQL commands. The connected documents provide the same description across sources; no exploitation details or pat...

CVE-2010-4966

Technical details (affected product/version, root cause, fixes) are not publicly provided in the supplied documents; monitor for updates.

CVE-2010-4967

The CVE-2010-4967 issue concerns ATCOM Netvolution 2.5.6, where a SQL injection vulnerability exists in default.asp. The vulnerability allows remote attackers to execute arbitrary SQL commands via the artID parameter. No remediation details are provided in the connected documents; exploitation st...

CVE-2014-2318

The provided connections confirm CVE-2014-2318 is an SQL injection vulnerability in ATCOM Netvolution 3, exploitable via the m parameter to allow remote arbitrary SQL execution. Affected component is ATCOM Netvolution 3; root cause is improper input handling leading to SQL command injection. Impa...