Aspired2poll
by The Net Guys
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-6354 | 0.03 | — | 0.05 | Mar 2, 2009 | The Net Guys ASPired2poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2poll.mdb. | ||
| CVE-2006-5892 | 0.03 | — | 0.02 | Nov 14, 2006 | SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
- CVE-2008-6354Mar 2, 2009risk 0.03cvss —epss 0.05
The Net Guys ASPired2poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2poll.mdb.
- CVE-2006-5892Nov 14, 2006risk 0.03cvss —epss 0.02
SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.