Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2006-6350
Disclosure Date: December 07, 2006 (last updated October 04, 2023)
listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb.
0
Attacker Value
Unknown
CVE-2006-6210
Disclosure Date: December 01, 2006 (last updated October 04, 2023)
SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
0
Attacker Value
Unknown
CVE-2006-2989
Disclosure Date: June 13, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter.
0
