cbcvebase.

Xlinesoft Asprunner vulnerabilities

4 known vulnerabilities affecting xlinesoft/asprunner.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2004-2060P4MEDIUMCVSS 5.0PoCv1.0v2.0+4 more2004-12-31
CVE-2004-2060 [MEDIUM] CVE-2004-2060: ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote att ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
nvd
CVE-2004-2059P4MEDIUMCVSS 5.0PoCv1.0v2.0+4 more2004-12-31
CVE-2004-2059 [MEDIUM] CVE-2004-2059: Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbi Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp.
nvd
CVE-2004-2057P4HIGHCVSS 7.5v1.0v2.0+4 more2004-12-31
CVE-2004-2057 [HIGH] CVE-2004-2057: SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statem SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements.
nvd
CVE-2004-2058P4MEDIUMCVSS 5.0v1.0v2.0+4 more2004-12-31
CVE-2004-2058 [MEDIUM] CVE-2004-2058: ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2 ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages.
nvd
Xlinesoft Asprunner vulnerabilities | cvebase