Runawaysoft: >> Haber Portal >> 1.0 Security Vulnerabilities
SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
6.4
EPSS Score
0.008
Published
2007-05-17
RunawaySoft Haber portal 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/xice.mdb.
CVSS Score
5.0
EPSS Score
0.025
Published
2007-05-17