Iisworks
Products
2- 3 CVEs
- 3 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6210 | 0.03 | — | 0.01 | Dec 1, 2006 | SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||
| CVE-2005-4047 | 0.03 | — | 0.02 | Dec 7, 2005 | Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter. | |||
| CVE-2006-6350 | 0.00 | — | 0.02 | Dec 7, 2006 | listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb. | |||
| CVE-2006-2989 | 0.00 | — | 0.01 | Jun 13, 2006 | Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter. | |||
| CVE-2005-4658 | 0.00 | — | 0.01 | Dec 31, 2005 | Multiple cross-site scripting (XSS) vulnerabilities in ASP-Programmers.com ASPKnowledgebase allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface. | |||
| CVE-2005-3596 | 0.00 | — | 0.01 | Nov 16, 2005 | SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp. |
- CVE-2006-6210Dec 1, 2006risk 0.03cvss —epss 0.01
SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
- CVE-2005-4047Dec 7, 2005risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter.
- CVE-2006-6350Dec 7, 2006risk 0.00cvss —epss 0.02
listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb.
- CVE-2006-2989Jun 13, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter.
- CVE-2005-4658Dec 31, 2005risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in ASP-Programmers.com ASPKnowledgebase allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.
- CVE-2005-3596Nov 16, 2005risk 0.00cvss —epss 0.01
SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp.