Vulnerabilities > Fipsasp > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-08-20 | CVE-2008-3722 | SQL Injection vulnerability in Fipsasp Fipscms 2.1 SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3417 | SQL Injection vulnerability in Fipsasp Fipscms Light SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561. | 7.5 |
| 2008-05-09 | CVE-2008-2124 | SQL Injection vulnerability in Fipsasp Fipscms 2.1 SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter. | 7.5 |
| 2007-05-09 | CVE-2007-2561 | SQL Injection vulnerability in Fipsasp Fipscms 2.1 SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115. | 7.5 |
| 2006-12-04 | CVE-2006-6243 | SQL Injection vulnerability in fipsShop Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) did parameter. | 7.5 |
| 2006-11-26 | CVE-2006-6117 | SQL Injection vulnerability in FipsGallery Index1.ASP SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the which parameter. | 7.5 |
| 2006-11-26 | CVE-2006-6116 | SQL Injection vulnerability in FipsForum Default2.ASP SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the kat parameter. | 7.5 |
| 2006-11-26 | CVE-2006-6115 | SQL Injection vulnerability in FipsCMS Index.ASP SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter. | 7.5 |