Ajsquare: Security Vulnerabilities
AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
CVSS Score
6.4
EPSS Score
0.018
Published
2009-08-24
AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
6.4
EPSS Score
0.012
Published
2009-08-24
AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php, (9) changepassword.php, (10) polling.php, and (11) logo.php in admin/.
CVSS Score
7.5
EPSS Score
0.018
Published
2009-08-24
AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
CVSS Score
7.5
EPSS Score
0.018
Published
2009-08-24
SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-08-17
SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field).
CVSS Score
7.5
EPSS Score
0.001
Published
2009-04-14
Page 2