Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2403
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allow remote malicious users to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
Sun Java Asp Server 4.0.1
Sun Java Asp Server
Sun Java Asp Server 4.0
NA
CVE-2004-2411
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 up to and including 5.0 does not sufficiently cleanse inputs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascr...
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2004-2412
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 up to and including 5.0 allow remote malicious users to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
NA
CVE-2004-2413
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 up to and including 5.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2007-3887
Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp in ASP Ziyaretci Defteri 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Isim, (2) Mesajiniz, and (3) E-posta fields. NOTE: these probably correspond to the isim, mesaj, and...
Asp Ziyaretci Defteri Asp Ziyaretci Defteri 1.1
NA
CVE-2007-5220
SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote malicious users to execute arbitrary SQL commands via the cid parameter and possibly other parameters.
Asp Product Catalog Asp Product Catalog 1.0
NA
CVE-2010-1590
Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), r...
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 5.50
Vpasp Vp-asp Shopping Cart 6.00
NA
CVE-2010-1588
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions allows remote malicious users to execute arbitrary SQL commands via the websess parameter.
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 6.00
Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1589
Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname ...
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 6.00
Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2008-2404
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allows remote malicious users to execute arbitrary code via an unspecified string field.
Sun Java Asp Server 4.0
Sun Java Asp Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »