Filtered by vendor Aspindir
Subscribe
Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4145 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | 5.0 MEDIUM | N/A |
| Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb. | |||||
| CVE-2010-1064 | 1 Aspindir | 1 Erolife Ajxgaleri Vt | 2025-04-11 | 5.0 MEDIUM | N/A |
| Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb. | |||||
| CVE-2010-4855 | 1 Aspindir | 1 Xweblog | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter. | |||||
| CVE-2010-1116 | 1 Aspindir | 1 Lookmer Muzik Portal | 2025-04-11 | 5.0 MEDIUM | N/A |
| LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb. | |||||
| CVE-2010-4144 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | |||||
| CVE-2009-4820 | 1 Aspindir | 1 Angelo-emlak | 2025-04-11 | 5.0 MEDIUM | N/A |
| Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb. | |||||
| CVE-2010-4856 | 1 Aspindir | 1 Xweblog | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter. | |||||
| CVE-2010-1736 | 1 Aspindir | 1 Krm Haber | 2025-04-11 | 5.0 MEDIUM | N/A |
| KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb. | |||||
| CVE-2008-2882 | 1 Aspindir | 1 Shibby Shop | 2025-04-09 | 7.5 HIGH | N/A |
| upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. | |||||
| CVE-2008-6641 | 1 Aspindir | 1 Shader Tv | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp. | |||||
| CVE-2007-4297 | 1 Aspindir | 1 Dersimiz Haber Ekleme Modulu | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4585 | 1 Aspindir | 1 Uranyumsoft Listing Service | 2025-04-09 | 5.0 MEDIUM | N/A |
| UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb. | |||||
| CVE-2008-3888 | 1 Aspindir | 1 Mini Nuke Freehost | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | |||||
| CVE-2008-4574 | 1 Aspindir | 1 Ayco Okul Portali | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2008-2048 | 1 Aspindir | 1 Angelo-emlak | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter. | |||||
| CVE-2008-2873 | 1 Aspindir | 1 Shibby Shop | 2025-04-09 | 5.0 MEDIUM | N/A |
| sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. | |||||
| CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | |||||
| CVE-2008-3495 | 1 Aspindir | 1 Pcshey Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. | |||||
| CVE-2008-6640 | 1 Aspindir | 1 Batmanportal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6337 | 1 Aspindir | 1 Aspee Ziyaretci Defteri | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. | |||||