| Max CVSS | 7.5 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-1553 | 7.5 |
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2008-6978 | 6.8 |
Unrestricted file upload vulnerability in Full Revolution aspWebAlbum 3.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in pics/, related to the
|
29-09-2017 - 01:33 | 19-08-2009 - 05:24 |