Filtered by vendor Aspindir
Subscriptions
Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4145 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | N/A |
| Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb. | ||||
| CVE-2009-4820 | 1 Aspindir | 1 Angelo-emlak | 2025-04-11 | N/A |
| Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb. | ||||
| CVE-2010-1064 | 1 Aspindir | 1 Erolife Ajxgaleri Vt | 2025-04-11 | N/A |
| Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb. | ||||
| CVE-2010-4144 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | N/A |
| SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | ||||
| CVE-2010-4855 | 1 Aspindir | 1 Xweblog | 2025-04-11 | N/A |
| SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter. | ||||
| CVE-2010-4856 | 1 Aspindir | 1 Xweblog | 2025-04-11 | N/A |
| SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter. | ||||
| CVE-2010-1116 | 1 Aspindir | 1 Lookmer Muzik Portal | 2025-04-11 | N/A |
| LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb. | ||||
| CVE-2010-1736 | 1 Aspindir | 1 Krm Haber | 2025-04-11 | N/A |
| KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb. | ||||
| CVE-2008-2334 | 1 Aspindir | 1 Philboard | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2872 | 1 Aspindir | 1 Shibby Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | ||||
| CVE-2008-2873 | 1 Aspindir | 1 Shibby Shop | 2025-04-09 | N/A |
| sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. | ||||
| CVE-2008-2882 | 1 Aspindir | 1 Shibby Shop | 2025-04-09 | N/A |
| upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. | ||||
| CVE-2008-3495 | 1 Aspindir | 1 Pcshey Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. | ||||
| CVE-2008-3888 | 1 Aspindir | 1 Mini Nuke Freehost | 2025-04-09 | N/A |
| SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | ||||
| CVE-2008-4573 | 1 Aspindir | 1 Munzursoft Web Portal W3 | 2025-04-09 | N/A |
| SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2008-4574 | 1 Aspindir | 1 Ayco Okul Portali | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | ||||
| CVE-2008-5057 | 1 Aspindir | 1 Dizi Portali | 2025-04-09 | N/A |
| SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5707 | 1 Aspindir | 1 Iltaweb Alisveris Sistemi | 2025-04-09 | N/A |
| SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter. | ||||
| CVE-2009-4585 | 1 Aspindir | 1 Uranyumsoft Listing Service | 2025-04-09 | N/A |
| UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb. | ||||
| CVE-2007-3885 | 1 Aspindir | 1 Husrevforum | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||