Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5952
SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote malicious users to execute arbitrary SQL commands via the Username field.
Asp Smiley Asp Smiley 1.0
1 EDB exploit
5
CVSSv2
CVE-2007-5260
ASP-CMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing the username and password via a direct request for mdb-database/ASP-CMS_v100.mdb.
Asp-cms Asp-cms 1.0
7.5
CVSSv2
CVE-2008-6353
SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the cha parameter.
Asp-cms Asp-cms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2002-0520
Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote malicious users to execute script as other ASP-Nuke users by embedding it within an IMG tag.
Asp-nuke Asp-nuke Rc1
7.5
CVSSv2
CVE-2009-0280
Asp Project Management 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the crypt cookie to 1.
Asp-project Asp-project 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-0802
Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 up to and including 1.1b allows remote malicious users to execute arbitrary web script or HTML via the search parameter.
Asp Press Acs Blog 1.0
Asp Press Acs Blog 1.1b
Asp Press Acs Blog 0.8
Asp Press Acs Blog 0.9
1 EDB exploit
7.5
CVSSv2
CVE-2000-0628
The source.asp example script in the Apache ASP module Apache::ASP 1.93 and previous versions allows remote malicious users to modify files.
Joshua Chamas Apache Asp 0.16
Joshua Chamas Apache Asp 0.17
Joshua Chamas Apache Asp 0.18
Joshua Chamas Apache Asp 1.93
7.5
CVSSv2
CVE-2006-3580
SQL injection vulnerability in pages.asp in ASP Stats Generator prior to 2.1.2 allows remote malicious users to execute arbitrary SQL commands via the order parameter.
Asp Stats Generator Asp Stats Generator
1 EDB exploit
6.8
CVSSv2
CVE-2007-2790
Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the type parameter.
Vp-asp Vp-asp Shopping Cart
4
CVSSv2
CVE-2006-3184
Direct static code injection vulnerability in ASP Stats Generator prior to 2.1.2 allows remote authenticated malicious users to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp.
Asp Stats Generator Asp Stats Generator
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »