Vulnerabilities > Assetman

DATE CVE VULNERABILITY TITLE RISK
2008-09-22 CVE-2008-4161 SQL Injection vulnerability in Assetman 2.5B
SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action.
network
assetman CWE-89
6.8
2007-03-13 CVE-2007-1427 Directory Traversal vulnerability in AssetMan PDF_File Parameter
Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
assetman
5.0