Vulnerabilities > Runawaysoft

DATE CVE VULNERABILITY TITLE RISK
2007-05-17 CVE-2007-2753 Information Disclosure vulnerability in Runawaysoft Haber Portal 1.0
RunawaySoft Haber portal 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/xice.mdb.
network
low complexity
runawaysoft
5.0
2007-05-17 CVE-2007-2752 SQL Injection vulnerability in Runawaysoft Haber Portal 1.0
SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
runawaysoft
6.4