CVEDB API

Vulnerabilities

Vulnerable Software

Iisworks: Security Vulnerabilities

CVE-2006-6350

listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb.

CVSS Score

10.0

EPSS Score

0.008

Published

2006-12-07

CVE-2006-6210

SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

CVSS Score

7.5

EPSS Score

0.002

Published

2006-12-01

CVE-2006-2989

Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter.

CVSS Score

4.3

EPSS Score

0.004

Published

2006-06-13

CVE-2005-4658

Multiple cross-site scripting (XSS) vulnerabilities in ASP-Programmers.com ASPKnowledgebase allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.

CVSS Score

6.8

EPSS Score

0.013

Published

2005-12-31

CVE-2005-4047

Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter.

CVSS Score

4.3

EPSS Score

0.004

Published

2005-12-07

CVE-2005-3596

SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp.

CVSS Score

7.5

EPSS Score

0.03

Published

2005-11-16

Page 1

Vulnerabilities

Vulnerable Software

Iisworks: Security Vulnerabilities

Products

Pricing

Contact Us