Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asp vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2007-5154
Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and previous versions allows remote malicious users to hijack web sessions via unspecified vectors.
Aimluck Aipo
Aimluck Aipo Asp
7.5
CVSSv2
CVE-2008-5923
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote malicious users to execute arbitrary SQL commands the cat parameter.
Asp-dev Xm Events Diary
1 EDB exploit
10
CVSSv2
CVE-2006-2807
ASPwebSoft Speedy Asp Discussion Forum allows remote malicious users to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.
Aspwebsoft Speedy Asp Discussion Forum
1 EDB exploit
5
CVSSv2
CVE-2009-2024
Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt.
Vt.rovno Asp Vt Auth 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2009-2241
Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline Corporate Calendar allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter.
Aaronoutpost Asp Inline Corporate Calendar
1 EDB exploit
6.8
CVSSv2
CVE-2009-2242
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote malicious users to execute arbitrary SQL commands via the order parameter.
Aaronoutpost Asp Inline Corporate Calendar
1 EDB exploit
7.5
CVSSv2
CVE-2009-2243
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote malicious users to execute arbitrary SQL commands via the sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party ...
Aaronoutpost Asp Inline Corporate Calendar
1 EDB exploit
4.3
CVSSv2
CVE-2007-0814
Multiple cross-site scripting (XSS) vulnerabilities in Adrenalin's ASP Chat allow remote malicious users to inject arbitrary web script or HTML (1) via the psuedo (pseudo) field or (2) during chat.
Adrenalin Labs Adrenalins Asp Chat
4.3
CVSSv2
CVE-2005-0945
Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote malicious users to inject arbitrary web script or HTML via onmouseover or onload events in (1) img, (2) link, or (3) mail tags.
Asp Press Acs Blog 1.1.1
1 EDB exploit
6.8
CVSSv2
CVE-2007-0225
Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Virtual Programming Vp-asp 6.09
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »