RSS   Vulnerabilities for 'Angelo-emlak'   RSS

2010-04-27
 
CVE-2009-4820

CWE-264
 

 
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb.

 
2008-05-01
 
CVE-2008-2048

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.

 
 
CVE-2008-2047

CWE-89
 

 
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp.

 

 >>> Vendor: Aspindir 24 Products
Xweblog
Aspee ziyaretci defteri
Hazirsite
Husrevforum
Dersimiz haber ekleme modulu
Text file search
Philboard
Angelo-emlak
Meto forum
Shibby shop
Pcshey portal
Mini nuke freehost
Munzursoft web portal w3
Ayco okul portali
Dizi portali
Iltaweb alisveris sistemi
Batmanportal
Shader tv
Mydesign sayac
Uranyumsoft listing service
Erolife ajxgaleri vt
Lookmer muzik portal
Krm haber
Kisisel radyo script


Copyright 2017, cxsecurity.com

 

Back to Top