Classapps Selectsurvey.Net vulnerabilities
3 known vulnerabilities affecting classapps/selectsurvey.net.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-6030P3MEDIUMCVSS 6.5PoC≤ 4.125.001v4.125.0002014-11-06
CVE-2014-6030 [MEDIUM] CWE-89 CVE-2014-6030: Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow (1) remo
Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow (1) remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or (2) remote authenticated users to execute arbitrary SQL commands via the SurveyID parameter to survey/UploadImagePopupToDb.aspx.
nvd
CVE-2021-41609P2CRITICALCVSS 9.8fixed in 5.052.0002022-01-28
CVE-2021-41609 [CRITICAL] CWE-89 CVE-2021-41609: SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET befo
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection.
nvd
CVE-2021-41608P3HIGHCVSS 7.5fixed in 5.052.0002022-01-28
CVE-2021-41608 [HIGH] CWE-639 CVE-2021-41608: A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1.
nvd