Aspapps: >> Asp Autodealer >> _nil_ Security Vulnerabilities
SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVSS Score
7.5
EPSS Score
0.006
Published
2008-12-16
ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb.
CVSS Score
5.0
EPSS Score
0.067
Published
2008-12-16