vp asp software vulnerabilities
vulnerabilities.aspcode.net
Searching vp asp software vulnerabilities
IIS 2.0 and 3.0 allows remote attackers to read
attackers
|
appending
|
source
|
allows
|
remote
|
pages
|
code
|
read
|
IIS
|
ASP
|
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
IIS allows local users to cause a denial of ser
expressions
|
service
|
invalid
|
regular
|
allows
|
Visual
|
script
|
denial
|
Basic
|
cause
|
users
|
local
|
page
|
ASP
|
IIS
|
via
|
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
vWebServer 1.2.0 allows remote attackers to vie
vWebServer
|
vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20).
Cross-site scripting vulnerability in functions
functions-incasp
|
vulnerability
|
Cross-site
|
attackers
|
embedding
|
scripting
|
ASP-Nuke
|
execute
|
within
|
script
|
allows
|
remote
|
other
|
users
|
tag
|
IMG
|
RC1
|
Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag.
ASP-Nuke RC2 and earlier allows remote attacker
authentication
|
privileges
|
modifying
|
attackers
|
ASP-Nuke
|
"pseudo"
|
earlier
|
cookie
|
remote
|
allows
|
bypass
|
gain
|
RC2
|
ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie.
ASP-Nuke RC2 and earlier allows remote attacker
submitting
|
attackers
|
logged-in
|
"pseudo"
|
ASP-Nuke
|
invalid
|
earlier
|
allows
|
cookie
|
remote
|
users
|
list
|
RC2
|
all
|
ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie.
SQL injection vulnerability in shopadmin.asp in
authentication
|
vulnerability
|
shopadminasp
|
arbitrary
|
attackers
|
injection
|
commands
|
execute
|
bypass
|
VP-ASP
|
allows
|
remote
|
via
|
SQL
|
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields.
shoprestoreorder.asp in VP-ASP 5.0 does not clo
shoprestoreorderasp
|
connection
|
attackers
|
restores
|
previous
|
database
|
service
|
VP-ASP
|
remote
|
denial
|
allows
|
cause
|
close
|
order
|
which
|
user
|
does
|
not
|
shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).
The CleanseMessage function in shop$db.asp for
CleanseMessage
|
sufficiently
|
cross-site
|
shop$dbasp
|
attackers
|
scripting
|
Shopping
|
function
|
cleanse
|
conduct
|
through
|
remote
|
VP-ASP
|
allows
|
inputs
|
which
|
Cart
|
does
|
not
|
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use Software vulnerabilities results 1 to 20 of 115
Page:
1
2
3
4
5
6
►