Vulnerabilities > Iexpress

DATE CVE VULNERABILITY TITLE RISK
2007-07-25 CVE-2007-3992 SQL-Injection vulnerability in Property Pro
SQL injection vulnerability in vir_login.asp in iExpress Property Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter.
network
low complexity
iexpress
7.5
2007-07-25 CVE-2007-3966 SQL Injection vulnerability in iExpress Munch Pro Login
SQL injection vulnerability in Munch Pro allows remote attackers to execute arbitrary SQL commands via the login field to /admin, a different vulnerability than CVE-2006-5880.
network
low complexity
iexpress
5.0
2006-11-16 CVE-2006-5934 SQL Injection vulnerability in Iexpress Estate Agent Manager 1.3
SQL injection vulnerability in admin/default.asp in Estate Agent Manager 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the UserName field.
network
low complexity
iexpress
7.5