Yigit Aybuga
Products
24- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
35| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-4856 | 0.03 | — | 0.01 | Oct 5, 2011 | SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter. | |||
| CVE-2010-4855 | 0.03 | — | 0.01 | Oct 5, 2011 | SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter. | |||
| CVE-2010-4145 | 0.03 | — | 0.03 | Nov 2, 2010 | Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb. | |||
| CVE-2010-4144 | 0.03 | — | 0.01 | Nov 2, 2010 | SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | |||
| CVE-2009-4820 | 0.03 | — | 0.02 | Apr 27, 2010 | Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb. | |||
| CVE-2010-1064 | 0.03 | — | 0.02 | Mar 23, 2010 | Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb. | |||
| CVE-2009-4585 | 0.03 | — | 0.03 | Jan 6, 2010 | UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb. | |||
| CVE-2008-6803 | 0.03 | — | 0.01 | May 11, 2009 | SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||
| CVE-2008-6641 | 0.03 | — | 0.01 | Apr 7, 2009 | Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands… | |||
| CVE-2008-6640 | 0.03 | — | 0.01 | Apr 7, 2009 | Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party… | |||
| CVE-2009-0447 | 0.03 | — | 0.01 | Feb 10, 2009 | Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under… | |||
| CVE-2008-5707 | 0.03 | — | 0.01 | Dec 24, 2008 | SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter. | |||
| CVE-2008-5057 | 0.03 | — | 0.01 | Nov 13, 2008 | SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||
| CVE-2008-4574 | 0.03 | — | 0.01 | Oct 15, 2008 | SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||
| CVE-2008-4573 | 0.03 | — | 0.01 | Oct 15, 2008 | SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | |||
| CVE-2008-3888 | 0.03 | — | 0.01 | Sep 2, 2008 | SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | |||
| CVE-2008-3495 | 0.03 | — | 0.01 | Aug 6, 2008 | SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. | |||
| CVE-2008-2873 | 0.03 | — | 0.03 | Jun 26, 2008 | sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. | |||
| CVE-2008-2882 | 0.03 | — | 0.03 | Jun 26, 2008 | upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. | |||
| CVE-2008-2872 | 0.03 | — | 0.01 | Jun 26, 2008 | SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. |
- CVE-2010-4856Oct 5, 2011risk 0.03cvss —epss 0.01
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter.
- CVE-2010-4855Oct 5, 2011risk 0.03cvss —epss 0.01
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
- CVE-2010-4145Nov 2, 2010risk 0.03cvss —epss 0.03
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
- CVE-2010-4144Nov 2, 2010risk 0.03cvss —epss 0.01
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
- CVE-2009-4820Apr 27, 2010risk 0.03cvss —epss 0.02
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb.
- CVE-2010-1064Mar 23, 2010risk 0.03cvss —epss 0.02
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.
- CVE-2009-4585Jan 6, 2010risk 0.03cvss —epss 0.03
UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb.
- CVE-2008-6803May 11, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2008-6641Apr 7, 2009risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands…
- CVE-2008-6640Apr 7, 2009risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party…
- CVE-2009-0447Feb 10, 2009risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under…
- CVE-2008-5707Dec 24, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter.
- CVE-2008-5057Nov 13, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2008-4574Oct 15, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
- CVE-2008-4573Oct 15, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter.
- CVE-2008-3888Sep 2, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action.
- CVE-2008-3495Aug 6, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
- CVE-2008-2873Jun 26, 2008risk 0.03cvss —epss 0.03
sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb.
- CVE-2008-2882Jun 26, 2008risk 0.03cvss —epss 0.03
upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request.
- CVE-2008-2872Jun 26, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.