Asp Basit Haber Script version 1.0 suffers from a remote SQL injection vulnerability.
281f3148cd8070695b7c5c5173f62525cc90b0bbe3c9488308af102fbf0ec75e
Planeteria Design ASP suffers from a remote SQL injection vulnerability.
71b8352c542635d8cb25c8b2d8fe046afba4ac3d09e22d2b360ddd24d7062873
Secunia Security Advisory - L0rd CrusAd3r has reported two vulnerabilities in CodeWidgets.com Pop-Over Login Form (ASP), which can be exploited by malicious people to conduct SQL injection attacks.
8e7cd7cde4d507d12fc348d32ac9d63db5a1d1b71b1986fa7542833a862dfc8d
Magnon Solutions ASP suffers from a remote SQL injection vulnerability.
af5753c763c0306394cc5f320bfdc3cf59f56311903e42da6a6c359430500c34
Secunia Security Advisory - Two vulnerabilities have been reported in Multiple Question - Multiple Choice Online Questionaire (ASP), which can be exploited by malicious people to conduct SQL injection attacks.
0738635bf2ced5841427f0ce0c2439fa7ceb3d5faa7614dbd60eb19e98c1bd4a
Secunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks.
c501c6764d01ebcb985747c523d7ccb08fac485faff6d9af378a90fd48534a08
Virtual Consultant suffers from a remote SQL injection vulnerability in newsDetail.asp.
c37350298291e367d7412d0538e7bd62ac93df043ed87b050d2a227f04ee1f20
EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.
ddd7c7e0a71fa4db5133c04ad697430cdfacda14107b5069c65c0df1607cefe9
The Uploadform ASP script suffers from a shell upload vulnerability.
c6100abc466fd1cb381d3b6023c361123c63e39eefc32312bc6c6fd0a12e68ff
Ideas Factory PHP and ASP suffers from a remote SQL injection vulnerability.
fb8bea3d6a2a61019ebd52bb0681852cca639e8eae04391550756eec4e52d178
Webworx Technologies Lahore Pakistan PHP and ASP suffers from a remote SQL injection vulnerability.
50354cb5f81e609e925cd43f008fd8f521972495ce9488cdb3f833bd6701fe31
Microsoft Source Code Analyzer for SQL Injection is a static code analysis tool for finding SQL Injection vulnerabilities in ASP code. The package suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "C" flag (Change(write)) for the "Everyone" group, for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.
985f1b8a0c9c7170bfff235022459884dade76cc7504b5ccb7d597a030b5d2e8
EzPub Simple Classic ASP CMS suffers from a remote SQL injection vulnerability.
dc9ee4cd7403e920bfc04f13411d03a8a3e99d9c1383f3e409abb0d54970b958
Zero Day Initiative Advisory 11-037 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is required to exploit this vulnerability in that a logged in user must be coerced into visiting a malicious link. The specific flaw exists within the ScheduleTask method exposed by the IMAdminSchedTask.asp page hosted on the web interface. This function does not properly sanitize user input from a POST variable before passing it to an eval call. An attacker can abuse this to inject and execute arbitrary ASP under the context of the user visiting the malicious link.
0fbc85058957cb5c48d4ca0d5a8da23dad28e326b033a74a7cbb678ac53e9b42
The author of this file claims that naming a directory with a .asp extension on IIS 6 will causing all files inside of it to be executed as such.
7d3a817a22ee42fe51d188e334502eb335489a020414bfe1d8e9ebcb14d8ed1f
Secunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks.
938eb19f1ba6eeb2e1a7aa48954e16711ff7b1d3e22d1bbecee5f4586373afa2
ASPilot Pilot Cart version 7.3 suffers from a remote SQL injection vulnerability in newsroom.asp.
25c921d96e4877a9c5613869df60ae1315e06185b08d6b2060e42c97c375e217
Secunia Security Advisory - A vulnerability has been reported in Online Work Order Suite (OWOS) Professional Edition for ASP, which can be exploited by malicious people to conduct SQL injection attacks.
80ebbd64dbea1b62e18a4f86310f6a95f0e64a2869cab2e810b40334e22690a5
Zero Day Initiative Advisory 10-221 - This vulnerability allows remote attackers to inject arbitrary SQL into the packaged database on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative interface installed with IM Manager. While there is authentication on the main page of the installed IIS extension, many of the pages can be accessed directly. One of these pages, IMAdminReportTrendFormRun.asp, is vulnerable to a SQL injection vulnerability. The ASP code lacks sanity checks on the 'groupList' parameter. Thus, an attacker can abuse this to inject arbitrary SQL into the backend database.
aa84e124106e38044201acc658964bf70d81a2b24ca030fc5cbbdc9da2d4118a
Zero Day Initiative Advisory 10-220 - This vulnerability allows remote attackers to inject arbitrary SQL into the packaged database on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative interface installed with IM Manager. While there is authentication on the main page of the installed IIS extension, many of the pages can be accessed directly. One of these pages, IMAdminScheduleReport.asp, is vulnerable to a SQL injection vulnerability. The ASP code lacks sanity checks on the 'email' parameter. Thus, an attacker can abuse this to inject arbitrary SQL into the backend database.
510fb503338ecbfca13adb7cacbe14f877aeedd8c76b5d0dae0ef34e9387165d
Secunia Security Advisory - A vulnerability has been reported in Mono ASP.NET, which can be exploited by malicious people to disclose sensitive information.
3315e4753eccd8c0b90277870d248f45f7aa42451cfb5bb60ce67bd522673179
MS10-070 ASP.NET auto-decryptor file download proof of concept exploit.
583ab327079e0f73d7b6ed0c839ab545a54adb9b2e531b103d46a58fa7667610
xWeblog version 2.2 remote SQL injection exploit that leverages arsiv.asp.
2beb8637b0aa0f7f69b2ae512185d2c8383071f4524d3e6accbb57361fc1a1d1
Microsoft IIS 6 suffers from an ASP denial of service stack overflow vulnerability.
968ad700fa412b03b08cda7cfb16f28e1648859ba12d1924d7d64d6a0139aeb6
Gokhun ASP Stok version 1.0 suffers from cross site scripting, database disclosure and remote SQL injection vulnerabilities.
0b014afa3ef07cc31255993d7a1d5155b464647b8e0481250366eda1b4edb3eb