Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2403
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allow remote malicious users to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
Sun Java Asp Server 4.0.1
Sun Java Asp Server
Sun Java Asp Server 4.0
NA
CVE-2004-2411
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 up to and including 5.0 does not sufficiently cleanse inputs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascr...
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2004-2412
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 up to and including 5.0 allow remote malicious users to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
NA
CVE-2004-2413
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 up to and including 5.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2007-5220
SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote malicious users to execute arbitrary SQL commands via the cid parameter and possibly other parameters.
Asp Product Catalog Asp Product Catalog 1.0
NA
CVE-2007-3887
Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp in ASP Ziyaretci Defteri 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Isim, (2) Mesajiniz, and (3) E-posta fields. NOTE: these probably correspond to the isim, mesaj, and...
Asp Ziyaretci Defteri Asp Ziyaretci Defteri 1.1
NA
CVE-2010-1588
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions allows remote malicious users to execute arbitrary SQL commands via the websess parameter.
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 6.00
Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1589
Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname ...
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 6.00
Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1590
Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), r...
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 5.50
Vpasp Vp-asp Shopping Cart 6.00
NA
CVE-2001-0972
Surf-Net ASP Forum prior to 2.30 uses easily guessable cookies based on the UserID, which allows remote malicious users to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
Surf-net Asp Forum 2.20
Surf-net Asp Forum
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »