Vulnerabilities > Atcom > Netvolution
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-11 | CVE-2014-2318 | SQL Injection vulnerability in Atcom Netvolution 3.0 SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter. | 7.5 |
2011-10-21 | CVE-2011-3340 | SQL Injection vulnerability in Atcom Netvolution 2.5.6 SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | 7.5 |
2011-10-21 | CVE-2010-4967 | SQL Injection vulnerability in Atcom Netvolution 2.5.6 SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter. | 7.5 |
2011-10-21 | CVE-2010-4966 | Cross-Site Scripting vulnerability in Atcom Netvolution Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action. | 4.3 |
2011-10-21 | CVE-2009-5103 | Cross-Site Scripting vulnerability in Atcom Netvolution 1.0 Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable. | 4.3 |
2011-10-21 | CVE-2009-5102 | SQL Injection vulnerability in Atcom Netvolution 1.0 SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter. | 7.5 |