Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aria-security team vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-6207
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote malicious users to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error
Lynx Internet Solutions Evolve Merchant
1 EDB exploit
755
VMScore
CVE-2006-6209
Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart and ASP Plus Shopping Cart allow remote malicious users to execute arbitrary SQL commands via the (1) id2006quant parameter to (a) item_show.asp, or the (2) maingroup or (3) secondgroup parameter to (b) item_lis...
Midicart Software Midicart Asp Plus Shopping Cart
Midicart Software Midicart Asp Shopping Cart
1 EDB exploit
755
VMScore
CVE-2006-6210
SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Iisworks Asp Listpics 5.0
1 EDB exploit
755
VMScore
CVE-2006-6243
Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow remote malicious users to execute arbitrary SQL commands via the (1) cat or (2) did parameter.
Fipsasp Fipsshop
1 EDB exploit
1000
VMScore
CVE-2006-6355
SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote malicious users to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by CVE-2005-2049.
Duware Duclassmate
1 EDB exploit
755
VMScore
CVE-2006-6367
Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976.
Duware Dunews 1.0
Duware Dunews 1.1
Duware Dudownload 1.0
Duware Dudownload 1.1
Duware Dupaypal 3.0
Duware Dupaypal 3.1
Duware Dupaypal Pro 3.0
Duware Dupaypal Pro 3.1
1 EDB exploit
755
VMScore
CVE-2007-6091
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote malicious users to execute arbitrary SQL commands via the (1) Username (aka Login or Emai...
Jiro Banner System 2.0
1 EDB exploit
755
VMScore
CVE-2007-3987
SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote malicious users to execute arbitrary SQL commands via the SearchWord parameter.
Junction Quest Image Racer 1.0
1 EDB exploit
605
VMScore
CVE-2007-0399
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 RC3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) recipient or (2) BCC field when selecting send in a pm action.
Simple Machines Simple Machines Forum 1.1 Rc3
1 EDB exploit
435
VMScore
CVE-2007-5625
Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 allows remote malicious users to inject arbitrary web script or HTML via the QUERY parameter.
Simongibson Asp Site Search Searchsimon Lite 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »