Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alphanix vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6153
SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote malicious users to execute arbitrary SQL commands via the AlbumID parameter.
Jayeshp Pixel8 Web Photo Album 3.0
1 EDB exploit
5
CVSSv2
CVE-2009-1322
ASP Product Catalog 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing user credentials via a direct request for database/aspProductCatalog.mdb.
Humayun Shabbir Bhutta Asp Product Catalog 1.0
1 EDB exploit
5
CVSSv2
CVE-2008-6494
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for users.mdb.
Robs-projects Asp User Engine.net -
1 EDB exploit
7.5
CVSSv2
CVE-2008-5767
SQL injection vulnerability in authors.asp in gNews Publisher allows remote malicious users to execute arbitrary SQL commands via the authorID parameter.
Gazatem Gnews Publisher Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-5772
Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp.
Aspsiteware Realtylistings 1.0
Aspsiteware Realtylistings 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5774
Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp.
Aspsiteware Homebuilder 1.0
Aspsiteware Homebuilder 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5892
Multiple SQL injection vulnerabilities in ClickAndEmail allow remote malicious users to execute arbitrary SQL commands via (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (aka the USERNAME field in admin_main.asp),...
Icash Click\\&email Nil
1 EDB exploit
2.6
CVSSv2
CVE-2008-5893
Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote malicious users to inject arbitrary web script or HTML via the tablename parameter in an update action.
Icash Click\\&email Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-5972
SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Activewebsoftwares Active Business Directory 2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6874
Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote malicious users to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.
Aspsiteware Autodealer 1.0
Aspsiteware Autodealer 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »