Vulnerabilities > Aspapps > ASP Autodealer

DATE CVE VULNERABILITY TITLE RISK
2008-12-16 CVE-2008-5608 Permissions, Privileges, and Access Controls vulnerability in Aspapps ASP Autodealer NIL
ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb.
network
low complexity
aspapps CWE-264
5.0
5.0
2008-12-16 CVE-2008-5595 SQL Injection vulnerability in Aspapps ASP Autodealer NIL
SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter.
network
low complexity
aspapps CWE-89
7.5
7.5