Shodan
Vulnerabilities
Vulnerable Software
Aspindir:  Security Vulnerabilities
CVE-2010-4856
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2011-10-05
CVE-2010-4855
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
CVSS Score
7.5
EPSS Score
0.01
Published
2011-10-05
CVE-2010-4144
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
CVSS Score
7.5
EPSS Score
0.009
Published
2010-11-02
CVE-2010-4145
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
CVSS Score
5.0
EPSS Score
0.052
Published
2010-11-02
CVE-2010-1736
KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb.
CVSS Score
5.0
EPSS Score
0.003
Published
2010-05-06
CVE-2009-4820
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb.
CVSS Score
5.0
EPSS Score
0.05
Published
2010-04-27
CVE-2010-1116
LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb.
CVSS Score
5.0
EPSS Score
0.003
Published
2010-03-25
CVE-2010-1064
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.
CVSS Score
5.0
EPSS Score
0.052
Published
2010-03-23
CVE-2009-4585
UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb.
CVSS Score
5.0
EPSS Score
0.055
Published
2010-01-06
CVE-2008-6640
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-04-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved