Xlinesoft Asprunner vulnerabilities
4 known vulnerabilities affecting xlinesoft/asprunner.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2004-2060P4MEDIUMCVSS 5.0PoCv1.0v2.0+4 more2004-12-31
CVE-2004-2060 [MEDIUM] CVE-2004-2060: ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote att
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
nvd
CVE-2004-2059P4MEDIUMCVSS 5.0PoCv1.0v2.0+4 more2004-12-31
CVE-2004-2059 [MEDIUM] CVE-2004-2059: Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbi
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp.
nvd
CVE-2004-2057P4HIGHCVSS 7.5v1.0v2.0+4 more2004-12-31
CVE-2004-2057 [HIGH] CVE-2004-2057: SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statem
SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements.
nvd
CVE-2004-2058P4MEDIUMCVSS 5.0v1.0v2.0+4 more2004-12-31
CVE-2004-2058 [MEDIUM] CVE-2004-2058: ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2
ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages.
nvd