VYPR

Ziyaretci Defteri

by Lebisoft

CVEs (2)

  • CVE-2010-1065Mar 23, 2010
    risk 0.03cvss epss 0.02

    Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb.

  • CVE-2006-6337Dec 7, 2006
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter.