ASP Ublog version 1.6 suffers from a remote database download vulnerability.
cee10f65d05dd0e27836f9408a1ccd68a72e0e6931a165b87de53b742d42ac24ASP SkyPortal version 1 suffers from a remote database download vulnerability.
e6a5a78ebe52ee5cf1cef83243eb91b4a188ce40fd95bcc9b05e867343426051ASP PD Portal version 4.0 suffers from a database download vulnerability.
a805c902aac71243acc51fd3db494490c9071f90865d09bd68118243570333f4ASP Vural Portal version 2.0 suffers from a remote database download vulnerability.
a2702cae870076d51d40a7c9d0279081e00734b59cf71528b6e1d42a9a03abd0ASP Edepyahu Video suffers from a remote database download vulnerability.
29ef230631a50b7eeb3c7c4a0b558ebaacc9d67fbf4710df94bd59d9d6650672ASP Zirve Portal suffers from a remote database disclosure vulnerability.
854064e4c416b2e4c40d31fe84a1be5f849accbd65c569e28141f305f3cc9145ASP Cnr Hiyake Scripti suffers from a remote database download vulnerability.
77f4c5f1a2381570de8dd3628d61b01cc20473a5c12e6e731779146445cc6239ASP Fot Video Siciripti version 1.1 suffers from a remote database download vulnerability.
4927757e937283c7ca243e62ee2e5b46078828262cf2a4032751d71de293e178ASP Invision gallery_show.asp suffers from a remote blind SQL injection vulnerability.
48378027c7f88c104facb07bab2a2e049cbeda4787f3ced528ab23a4ca72274aAsp JGBBS version 3.0beta1 suffers from a remote database disclosure vulnerability.
7319973bc6a7fec0a1d40d04e432865f6bc2063cb34fc3935259fd5103b3c45eFully Functional ASP Forum version 1.0 suffers from a database disclosure vulnerability.
cdadd49d2f33dbd2a6e856092cfb024afad8c7c46f05041225273621fb875febASP Makit News/Blog Poster version 3.1 suffers from a remote database disclosure vulnerability.
f8e37f234aede523f8eb8662ef25057c3cc23afa829ca0614715f4223eb768a6ASP Battle Blog suffers from a remote database disclosure vulnerability.
fc0f6767107f2f2402ceb5c2afe556306b664f129954708e331612e7ac032da3ASP Simple Blog version 3.0 suffers from a remote shell upload vulnerability.
b76b6b905f4535c692f5efca57d341253413a3c0139cd95b9eadb241a0dae05eActiveBuyandSell version 6.2 suffers from a blind SQL injection vulnerability in buyersend.asp.
27892f081153209f7dd1b6589496ff57cb9b71c50a00f7226e441189432325f1Free ASP GuestBookPro script suffers from a remote database disclosure vulnerability.
a52d9f78328587b6ef4a6b9485b292c7e2d69af08779b7de2ed18d48163f7fa6Accessible ASP Star Ratings Script version 0.2 suffers form a remote blind SQL injection vulnerability.
2b346ee2a62cd9e8b165e61875c965a305de4dceafda25852c2c95c28f84d0fdClickTrackerASP suffers from a remote SQL injection vulnerability in sitedetails.asp.
d2d418a68891c16750e95f7ddb92bfb20159995c37d45fdb8415dc9587b09f1cFree ASP suffers from a remote shell upload vulnerability.
9bba26c9ce7fe30951060c79b0d86c5e96c82e0a5289088edf6fdf17cd77bf7cMandriva Linux Security Advisory 2009-322 - IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers. Multiple cross-site scripting (XSS) vulnerabilities were discovered in the ASP.net class libraries in Mono 2.0 and earlier. CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. Packages for 2008.0 are being provided due to extended support for Corporate products. The updated packages have been patched to fix these issues.
ac595de6900cd8c12028c1914747f7f1fc67ec1d0d49ad77f576b6b17b0f2203Mandriva Linux Security Advisory 2009-268 - Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to (1) HtmlControl.cs (PreProcessRelativeReference), (2) HtmlForm.cs (RenderAttributes), (3) HtmlInputButton (RenderAttributes), (4) HtmlInputRadioButton (RenderAttributes), and (5) HtmlSelect (RenderChildren). The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. This update fixes these vulnerabilities.
0e41155cc42ddb5a5c21302a350227e68f876395d4400da79f4e4a1a818f4720HotWeb Rentals suffers from a remote blind SQL injection vulnerability in details.asp.
60bf05c4377ddd11c891d84028e8e5051aa507b3e832e32928d625061a346dd7Whitepaper called ASP and JSP security. Written in Persian.
9f0786137b295e197529b0f6c2c803c2290fb6965060132823b5ad6518989140Ubuntu Security Notice USN-826-1 - It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. It was discovered that Mono did not properly escape certain attributes in the ASP.net class libraries which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This issue only affected Ubuntu 8.04 LTS. It was discovered that Mono did not properly filter CRLF injections in the query string. If a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, steal confidential data (such as passwords), or perform cross-site request forgeries. This issue only affected Ubuntu 8.04 LTS.
2ad29fa1156368f088ec7fd61ddf354bd88a9b875c072b5a2b54cec8ad4511a1Online Work Order Suite ASP version 3.10 suffers from cross site scripting vulnerabilities.
71a625350d91f2c7d3481e46556e63cadd061df00b080e38b79c5929ddfb9719
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed