Filtered by vendor Aspindir
Subscriptions
Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4820 | 1 Aspindir | 1 Angelo-emlak | 2025-04-11 | N/A |
| Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb. | ||||
| CVE-2010-1064 | 1 Aspindir | 1 Erolife Ajxgaleri Vt | 2025-04-11 | N/A |
| Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb. | ||||
| CVE-2010-1116 | 1 Aspindir | 1 Lookmer Muzik Portal | 2025-04-11 | N/A |
| LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb. | ||||
| CVE-2010-1736 | 1 Aspindir | 1 Krm Haber | 2025-04-11 | N/A |
| KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb. | ||||
| CVE-2010-4144 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | N/A |
| SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | ||||
| CVE-2010-4145 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | N/A |
| Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb. | ||||
| CVE-2010-4855 | 1 Aspindir | 1 Xweblog | 2025-04-11 | N/A |
| SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter. | ||||
| CVE-2010-4856 | 1 Aspindir | 1 Xweblog | 2025-04-11 | N/A |
| SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter. | ||||
| CVE-2006-6337 | 1 Aspindir | 1 Aspee Ziyaretci Defteri | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. | ||||
| CVE-2006-7161 | 1 Aspindir | 1 Hazirsite | 2025-04-09 | N/A |
| SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter. | ||||
| CVE-2007-3884 | 1 Aspindir | 1 Husrevforum | 2025-04-09 | N/A |
| SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected. | ||||
| CVE-2007-4433 | 1 Aspindir | 1 Text File Search | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field. | ||||
| CVE-2007-4434 | 1 Aspindir | 1 Text File Search | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP (Classic) edition allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2008-1939 | 1 Aspindir | 1 Philboard | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920. | ||||
| CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | ||||
| CVE-2008-2048 | 1 Aspindir | 1 Angelo-emlak | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter. | ||||
| CVE-2008-2872 | 1 Aspindir | 1 Shibby Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | ||||
| CVE-2008-6640 | 1 Aspindir | 1 Batmanportal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3495 | 1 Aspindir | 1 Pcshey Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. | ||||
| CVE-2008-3888 | 1 Aspindir | 1 Mini Nuke Freehost | 2025-04-09 | N/A |
| SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | ||||