Vulnerabilities > Aspindir
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-04-07 | CVE-2008-6640 | SQL Injection vulnerability in Aspindir Batmanportal Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. | 7.5 |
| 2009-02-10 | CVE-2009-0447 | SQL Injection vulnerability in Aspindir Mydesign Sayac 2.0 Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under admin/. | 7.5 |
| 2008-12-24 | CVE-2008-5707 | SQL Injection vulnerability in Aspindir Iltaweb Alisveris Sistemi NIL SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter. | 7.5 |
| 2008-11-13 | CVE-2008-5057 | SQL Injection vulnerability in Aspindir Dizi Portali SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. | 7.5 |
| 2008-10-15 | CVE-2008-4574 | SQL Injection vulnerability in Aspindir Ayco Okul Portali SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | 7.5 |
| 2008-10-15 | CVE-2008-4573 | SQL Injection vulnerability in Aspindir Munzursoft web Portal W3 SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | 7.5 |
| 2008-09-02 | CVE-2008-3888 | SQL Injection vulnerability in Aspindir Mini Nuke Freehost 2.3 SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | 7.5 |
| 2008-08-06 | CVE-2008-3495 | SQL Injection vulnerability in Aspindir Pcshey Portal SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. | 7.5 |
| 2008-06-26 | CVE-2008-2882 | Permissions, Privileges, and Access Controls vulnerability in Aspindir Shibby Shop upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. | 7.5 |
| 2008-06-26 | CVE-2008-2873 | Permissions, Privileges, and Access Controls vulnerability in Aspindir Shibby Shop sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. | 5.0 |