Vulnerabilities > Aspindir
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-26 | CVE-2008-2872 | SQL Injection vulnerability in Aspindir Shibby Shop SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | 7.5 |
2008-05-27 | CVE-2008-2448 | SQL Injection vulnerability in Aspindir Meto Forum 1.1 Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) admin/duzenle.asp and (b) admin_oku.asp; the (2) kid parameter to (c) kategori.asp and (d) admin_kategori.asp; and unspecified parameters to (e) uye.asp and (f) oku.asp. | 7.5 |
2008-05-19 | CVE-2008-2334 | SQL Injection vulnerability in Aspindir Philboard 0.5 Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. | 7.5 |
2008-05-01 | CVE-2008-2048 | Cross-Site Scripting vulnerability in Aspindir Angelo-Emlak 1.0 Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter. | 4.3 |
2008-05-01 | CVE-2008-2047 | SQL Injection vulnerability in Aspindir Angelo-Emlak 1.0 Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | 7.5 |
2008-04-25 | CVE-2008-1939 | SQL Injection vulnerability in Aspindir Philboard 1.0 Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920. | 7.5 |
2007-08-20 | CVE-2007-4434 | Cross-Site Scripting vulnerability in Aspindir Text File Search 0 Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP (Classic) edition allows remote attackers to inject arbitrary web script or HTML via the query parameter. network aspindir | 4.3 |
2007-08-20 | CVE-2007-4433 | Cross-Site Scripting vulnerability in Aspindir Text File Search 0 Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field. network aspindir | 4.3 |
2007-08-10 | CVE-2007-4297 | HTML Injection vulnerability in Dersimiz Haber Ekleme Modulu Yorumkaydet.ASP Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. network aspindir | 4.3 |
2007-07-18 | CVE-2007-3885 | Unspecified vulnerability in Aspindir Husrevforum 1.0.1 Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. network aspindir | 4.3 |