Asp Basit Haber Script version 1.0 suffers from a remote SQL injection vulnerability.
281f3148cd8070695b7c5c5173f62525cc90b0bbe3c9488308af102fbf0ec75ePlaneteria Design ASP suffers from a remote SQL injection vulnerability.
71b8352c542635d8cb25c8b2d8fe046afba4ac3d09e22d2b360ddd24d7062873Secunia Security Advisory - L0rd CrusAd3r has reported two vulnerabilities in CodeWidgets.com Pop-Over Login Form (ASP), which can be exploited by malicious people to conduct SQL injection attacks.
8e7cd7cde4d507d12fc348d32ac9d63db5a1d1b71b1986fa7542833a862dfc8dMagnon Solutions ASP suffers from a remote SQL injection vulnerability.
af5753c763c0306394cc5f320bfdc3cf59f56311903e42da6a6c359430500c34Secunia Security Advisory - Two vulnerabilities have been reported in Multiple Question - Multiple Choice Online Questionaire (ASP), which can be exploited by malicious people to conduct SQL injection attacks.
0738635bf2ced5841427f0ce0c2439fa7ceb3d5faa7614dbd60eb19e98c1bd4aSecunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks.
c501c6764d01ebcb985747c523d7ccb08fac485faff6d9af378a90fd48534a08Virtual Consultant suffers from a remote SQL injection vulnerability in newsDetail.asp.
c37350298291e367d7412d0538e7bd62ac93df043ed87b050d2a227f04ee1f20EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.
ddd7c7e0a71fa4db5133c04ad697430cdfacda14107b5069c65c0df1607cefe9The Uploadform ASP script suffers from a shell upload vulnerability.
c6100abc466fd1cb381d3b6023c361123c63e39eefc32312bc6c6fd0a12e68ffIdeas Factory PHP and ASP suffers from a remote SQL injection vulnerability.
fb8bea3d6a2a61019ebd52bb0681852cca639e8eae04391550756eec4e52d178Webworx Technologies Lahore Pakistan PHP and ASP suffers from a remote SQL injection vulnerability.
50354cb5f81e609e925cd43f008fd8f521972495ce9488cdb3f833bd6701fe31Microsoft Source Code Analyzer for SQL Injection is a static code analysis tool for finding SQL Injection vulnerabilities in ASP code. The package suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "C" flag (Change(write)) for the "Everyone" group, for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.
985f1b8a0c9c7170bfff235022459884dade76cc7504b5ccb7d597a030b5d2e8EzPub Simple Classic ASP CMS suffers from a remote SQL injection vulnerability.
dc9ee4cd7403e920bfc04f13411d03a8a3e99d9c1383f3e409abb0d54970b958Zero Day Initiative Advisory 11-037 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is required to exploit this vulnerability in that a logged in user must be coerced into visiting a malicious link. The specific flaw exists within the ScheduleTask method exposed by the IMAdminSchedTask.asp page hosted on the web interface. This function does not properly sanitize user input from a POST variable before passing it to an eval call. An attacker can abuse this to inject and execute arbitrary ASP under the context of the user visiting the malicious link.
0fbc85058957cb5c48d4ca0d5a8da23dad28e326b033a74a7cbb678ac53e9b42The author of this file claims that naming a directory with a .asp extension on IIS 6 will causing all files inside of it to be executed as such.
7d3a817a22ee42fe51d188e334502eb335489a020414bfe1d8e9ebcb14d8ed1fSecunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks.
938eb19f1ba6eeb2e1a7aa48954e16711ff7b1d3e22d1bbecee5f4586373afa2ASPilot Pilot Cart version 7.3 suffers from a remote SQL injection vulnerability in newsroom.asp.
25c921d96e4877a9c5613869df60ae1315e06185b08d6b2060e42c97c375e217Secunia Security Advisory - A vulnerability has been reported in Online Work Order Suite (OWOS) Professional Edition for ASP, which can be exploited by malicious people to conduct SQL injection attacks.
80ebbd64dbea1b62e18a4f86310f6a95f0e64a2869cab2e810b40334e22690a5Zero Day Initiative Advisory 10-221 - This vulnerability allows remote attackers to inject arbitrary SQL into the packaged database on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative interface installed with IM Manager. While there is authentication on the main page of the installed IIS extension, many of the pages can be accessed directly. One of these pages, IMAdminReportTrendFormRun.asp, is vulnerable to a SQL injection vulnerability. The ASP code lacks sanity checks on the 'groupList' parameter. Thus, an attacker can abuse this to inject arbitrary SQL into the backend database.
aa84e124106e38044201acc658964bf70d81a2b24ca030fc5cbbdc9da2d4118aZero Day Initiative Advisory 10-220 - This vulnerability allows remote attackers to inject arbitrary SQL into the packaged database on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative interface installed with IM Manager. While there is authentication on the main page of the installed IIS extension, many of the pages can be accessed directly. One of these pages, IMAdminScheduleReport.asp, is vulnerable to a SQL injection vulnerability. The ASP code lacks sanity checks on the 'email' parameter. Thus, an attacker can abuse this to inject arbitrary SQL into the backend database.
510fb503338ecbfca13adb7cacbe14f877aeedd8c76b5d0dae0ef34e9387165dSecunia Security Advisory - A vulnerability has been reported in Mono ASP.NET, which can be exploited by malicious people to disclose sensitive information.
3315e4753eccd8c0b90277870d248f45f7aa42451cfb5bb60ce67bd522673179MS10-070 ASP.NET auto-decryptor file download proof of concept exploit.
583ab327079e0f73d7b6ed0c839ab545a54adb9b2e531b103d46a58fa7667610xWeblog version 2.2 remote SQL injection exploit that leverages arsiv.asp.
2beb8637b0aa0f7f69b2ae512185d2c8383071f4524d3e6accbb57361fc1a1d1Microsoft IIS 6 suffers from an ASP denial of service stack overflow vulnerability.
968ad700fa412b03b08cda7cfb16f28e1648859ba12d1924d7d64d6a0139aeb6Gokhun ASP Stok version 1.0 suffers from cross site scripting, database disclosure and remote SQL injection vulnerabilities.
0b014afa3ef07cc31255993d7a1d5155b464647b8e0481250366eda1b4edb3eb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed