Vulnerabilities > Activewebsoftwares

DATE CVE VULNERABILITY TITLE RISK
2008-12-17 CVE-2008-5635 SQL Injection vulnerability in Activewebsoftwares Active Membership 2.0
SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp.
network
low complexity
activewebsoftwares CWE-89
7.5
2008-12-17 CVE-2008-5634 SQL Injection vulnerability in Activewebsoftwares Active Force Matrix 2.0
SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp.
network
low complexity
activewebsoftwares CWE-89
7.5
2008-12-17 CVE-2008-5633 SQL Injection vulnerability in Activewebsoftwares Activevotes 2.2
SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp.
network
low complexity
activewebsoftwares CWE-89
7.5
2008-12-17 CVE-2008-5632 SQL Injection vulnerability in Activewebsoftwares Active Time Billing 3.2
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp.
network
low complexity
activewebsoftwares CWE-89
7.5
2008-12-17 CVE-2008-5631 SQL Injection vulnerability in Activewebsoftwares Active Ewebquiz 8.0
SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter.
network
low complexity
activewebsoftwares CWE-89
7.5
2008-12-17 CVE-2008-5627 SQL Injection vulnerability in Activewebsoftwares Active Trade 2.0
SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter.
network
low complexity
activewebsoftwares CWE-89
7.5
2008-12-08 CVE-2008-5365 SQL Injection vulnerability in Activewebsoftwares Activevotes 2.2
SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter.
network
low complexity
activewebsoftwares CWE-89
7.5