Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2008-5603
Disclosure Date: December 16, 2008 (last updated October 04, 2023)
ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for news.mdb.
0
Attacker Value
Unknown
CVE-2006-6848
Disclosure Date: December 31, 2006 (last updated October 04, 2023)
SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO, possibly related to the Password parameter.
0
