Vulnerabilities > Lebisoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-23 | CVE-2010-1065 | Permissions, Privileges, and Access Controls vulnerability in Lebisoft Ziyaretci Defteri 7.4/7.5 Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb. | 5.0 |
2007-06-26 | CVE-2007-3405 | Cross-Site Scripting vulnerability in Lebisoft Zdefter 4.0 Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp in Lebisoft zdefter 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ad and (2) konu parameters. | 4.3 |