Search Results (34 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0447 1 Aspindir 1 Mydesign Sayac 2026-04-23 N/A
Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under admin/. NOTE: some of these details are obtained from third party information.
CVE-2008-2872 1 Aspindir 1 Shibby Shop 2026-04-23 N/A
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-3495 1 Aspindir 1 Pcshey Portal 2026-04-23 N/A
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
CVE-2007-3885 1 Aspindir 1 Husrevforum 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-4297 1 Aspindir 1 Dersimiz Haber Ekleme Modulu 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-2882 1 Aspindir 1 Shibby Shop 2026-04-23 N/A
upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request.
CVE-2010-4855 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
CVE-2009-4820 1 Aspindir 1 Angelo-emlak 2025-04-11 N/A
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb.
CVE-2010-1736 1 Aspindir 1 Krm Haber 2025-04-11 N/A
KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb.
CVE-2010-4144 1 Aspindir 1 Kisisel Radyo Script 2025-04-11 N/A
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
CVE-2010-4145 1 Aspindir 1 Kisisel Radyo Script 2025-04-11 N/A
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
CVE-2010-1116 1 Aspindir 1 Lookmer Muzik Portal 2025-04-11 N/A
LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb.
CVE-2010-4856 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter.
CVE-2010-1064 1 Aspindir 1 Erolife Ajxgaleri Vt 2025-04-11 N/A
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.