Vulnerabilities > Abczone IT
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-03 | CVE-2005-1429 | SQL Injection vulnerability in Abczone.It Wwwguestbook 1.1 SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. | 7.5 |
2004-12-31 | CVE-2004-2428 | Information Disclosure vulnerability in Abczone.It Wwwguestbook 1.1 Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the plaintext username and password. | 5.0 |