Filtered by vendor Aspindir
Subscribe
Total
34 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2882 | 1 Aspindir | 1 Shibby Shop | 2023-12-10 | 7.5 HIGH | N/A |
upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. | |||||
CVE-2008-2872 | 1 Aspindir | 1 Shibby Shop | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | |||||
CVE-2008-3888 | 1 Aspindir | 1 Mini Nuke Freehost | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | |||||
CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | |||||
CVE-2008-2334 | 1 Aspindir | 1 Philboard | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-5057 | 1 Aspindir | 1 Dizi Portali | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-4434 | 1 Aspindir | 1 Text File Search | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP (Classic) edition allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
CVE-2007-4297 | 1 Aspindir | 1 Dersimiz Haber Ekleme Modulu | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information. | |||||
CVE-2006-7161 | 1 Aspindir | 1 Hazirsite | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter. | |||||
CVE-2007-3885 | 1 Aspindir | 1 Husrevforum | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-3884 | 1 Aspindir | 1 Husrevforum | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected. | |||||
CVE-2006-6337 | 1 Aspindir | 1 Aspee Ziyaretci Defteri | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. | |||||
CVE-2007-4433 | 1 Aspindir | 1 Text File Search | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field. | |||||
CVE-2006-5023 | 1 Aspindir | 1 Xweblog | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter. |