Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alphanix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1322
ASP Product Catalog 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing user credentials via a direct request for database/aspProductCatalog.mdb.
Humayun Shabbir Bhutta Asp Product Catalog 1.0
1 EDB exploit
NA
CVE-2008-6494
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for users.mdb.
Robs-projects Asp User Engine.net -
1 EDB exploit
NA
CVE-2008-5981
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for (1) poll.mdb or (2) poll97.mdb.
Pacosdrivers Pacpoll 4.0
1 EDB exploit
NA
CVE-2008-6153
SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote malicious users to execute arbitrary SQL commands via the AlbumID parameter.
Jayeshp Pixel8 Web Photo Album 3.0
1 EDB exploit
NA
CVE-2008-5559
SQL injection vulnerability in sendcard.cfm in PostEcards allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dazzlindonna Postecards
1 EDB exploit
NA
CVE-2008-5573
SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Password and (2) username parameters.
Adcomplete Poll Pro 2.0
1 EDB exploit
NA
CVE-2008-5588
SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote malicious users to execute arbitrary SQL commands via the siteID parameter.
Katywhitton Rankem
1 EDB exploit
NA
CVE-2008-5589
SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote malicious users to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obt...
Katywhitton Rankem
1 EDB exploit
NA
CVE-2008-5591
Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote malicious users to inject arbitrary web script or HTML via the username parameter and possibly other "login fields." NOTE: some of these details are obtained from third p...
Iwrite Nightfall Personal Diary 1.0
1 EDB exploit
NA
CVE-2008-5592
Nightfall Personal Diary 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for users-zza21.mdb.
Iwrite Nightfall Personal Diary 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »