Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities by aspportal
CVE-2008-6382 (GCVE-0-2008-6382)
Vulnerability from nvd – Published: 2009-03-02 19:00 – Updated: 2024-08-07 11:27
VLAI
EPSS
VEX
Summary
ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/32889 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/50372 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/7316 | exploitx_refsource_EXPLOIT-DB |
Date Public
2008-12-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:27:35.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32889"
},
{
"name": "50372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50372"
},
{
"name": "7316",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32889"
},
{
"name": "50372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50372"
},
{
"name": "7316",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32889"
},
{
"name": "50372",
"refsource": "OSVDB",
"url": "http://osvdb.org/50372"
},
{
"name": "7316",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6382",
"datePublished": "2009-03-02T19:00:00.000Z",
"dateReserved": "2009-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:27:35.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5268 (GCVE-0-2008-5268)
Vulnerability from nvd – Published: 2008-11-28 18:26 – Updated: 2024-08-07 10:49
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/4653 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/5775 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/493302/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/29631 | vdb-entryx_refsource_BID |
Date Public
2008-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4653",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4653"
},
{
"name": "5775",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5775"
},
{
"name": "20080612 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493302/100/0/threaded"
},
{
"name": "aspportal-reply-sql-injection(42977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42977"
},
{
"name": "29631",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4653",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4653"
},
{
"name": "5775",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5775"
},
{
"name": "20080612 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493302/100/0/threaded"
},
{
"name": "aspportal-reply-sql-injection(42977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42977"
},
{
"name": "29631",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4653",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4653"
},
{
"name": "5775",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5775"
},
{
"name": "20080612 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493302/100/0/threaded"
},
{
"name": "aspportal-reply-sql-injection(42977)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42977"
},
{
"name": "29631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5268",
"datePublished": "2008-11-28T18:26:00.000Z",
"dateReserved": "2008-11-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:49:12.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5879 (GCVE-0-2006-5879)
Vulnerability from nvd – Published: 2006-11-14 19:00 – Updated: 2024-08-07 20:04
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/2762 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/22845 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/21039 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/4461 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/451384/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2762"
},
{
"name": "22845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22845"
},
{
"name": "aspportal-default1-sql-injection(30186)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30186"
},
{
"name": "21039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21039"
},
{
"name": "ADV-2006-4461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4461"
},
{
"name": "20061112 ASPPortal \u003c= 4.0.0 (default1.asp) Remote SQL Injection Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451384/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2762"
},
{
"name": "22845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22845"
},
{
"name": "aspportal-default1-sql-injection(30186)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30186"
},
{
"name": "21039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21039"
},
{
"name": "ADV-2006-4461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4461"
},
{
"name": "20061112 ASPPortal \u003c= 4.0.0 (default1.asp) Remote SQL Injection Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451384/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2762",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2762"
},
{
"name": "22845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22845"
},
{
"name": "aspportal-default1-sql-injection(30186)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30186"
},
{
"name": "21039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21039"
},
{
"name": "ADV-2006-4461",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4461"
},
{
"name": "20061112 ASPPortal \u003c= 4.0.0 (default1.asp) Remote SQL Injection Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451384/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5879",
"datePublished": "2006-11-14T19:00:00.000Z",
"dateReserved": "2006-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:04:55.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1353 (GCVE-0-2006-1353)
Vulnerability from nvd – Published: 2006-03-22 02:00 – Updated: 2024-08-07 17:12
VLAI
EPSS
VEX
Summary
Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2006-03-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:20.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
},
{
"name": "24091",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24091"
},
{
"name": "19286",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19286"
},
{
"name": "24092",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24092"
},
{
"name": "24090",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nukedx.com/?viewdoc=21"
},
{
"name": "24086",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24086"
},
{
"name": "aspportal-multiple-aspscripts-sql-injection(25346)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
},
{
"name": "608",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/608"
},
{
"name": "24085",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24085"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
},
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
},
{
"name": "24084",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24084"
},
{
"name": "17174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17174"
},
{
"name": "ADV-2006-1014",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1014"
},
{
"name": "24020",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24020"
},
{
"name": "24087",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24087"
},
{
"name": "24088",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
},
{
"name": "24091",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24091"
},
{
"name": "19286",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19286"
},
{
"name": "24092",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24092"
},
{
"name": "24090",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nukedx.com/?viewdoc=21"
},
{
"name": "24086",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24086"
},
{
"name": "aspportal-multiple-aspscripts-sql-injection(25346)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
},
{
"name": "608",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/608"
},
{
"name": "24085",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24085"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
},
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
},
{
"name": "24084",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24084"
},
{
"name": "17174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17174"
},
{
"name": "ADV-2006-1014",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1014"
},
{
"name": "24020",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24020"
},
{
"name": "24087",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24087"
},
{
"name": "24088",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
},
{
"name": "24091",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24091"
},
{
"name": "19286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19286"
},
{
"name": "24092",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24092"
},
{
"name": "24090",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24090"
},
{
"name": "http://www.nukedx.com/?viewdoc=21",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=21"
},
{
"name": "24086",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24086"
},
{
"name": "aspportal-multiple-aspscripts-sql-injection(25346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
},
{
"name": "608",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/608"
},
{
"name": "24085",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24085"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
},
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
},
{
"name": "24084",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24084"
},
{
"name": "17174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17174"
},
{
"name": "ADV-2006-1014",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1014"
},
{
"name": "24020",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24020"
},
{
"name": "24087",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24087"
},
{
"name": "24088",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1353",
"datePublished": "2006-03-22T02:00:00.000Z",
"dateReserved": "2006-03-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:20.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1261 (GCVE-0-2006-1261)
Vulnerability from nvd – Published: 2006-03-19 02:00 – Updated: 2024-08-07 17:03
VLAI
EPSS
VEX
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/17114 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1015772 | vdb-entryx_refsource_SECTRACK |
| http://www.aspportal.net/content/news/News_Item.a… | x_refsource_CONFIRM |
| http://www.osvdb.org/23920 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/19247 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=114243660409338&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-03-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "aspportal-multiple-xss(25235)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25235"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "23920",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23920"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "aspportal-multiple-xss(25235)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25235"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "23920",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23920"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17114",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "aspportal-multiple-xss(25235)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25235"
},
{
"name": "1015772",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015772"
},
{
"name": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32",
"refsource": "CONFIRM",
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "23920",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23920"
},
{
"name": "19247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1261",
"datePublished": "2006-03-19T02:00:00.000Z",
"dateReserved": "2006-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:28.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1262 (GCVE-0-2006-1262)
Vulnerability from nvd – Published: 2006-03-19 02:00 – Updated: 2024-08-07 17:03
VLAI
EPSS
VEX
Summary
Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/17114 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/23919 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1015772 | vdb-entryx_refsource_SECTRACK |
| http://www.aspportal.net/content/news/News_Item.a… | x_refsource_CONFIRM |
| http://securityreason.com/securityalert/592 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/19247 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=114243660409338&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "aspportal-multiple-scripts-sql-injection(25234)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25234"
},
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "23919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23919"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "592",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/592"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "aspportal-multiple-scripts-sql-injection(25234)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25234"
},
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "23919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23919"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "592",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/592"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "aspportal-multiple-scripts-sql-injection(25234)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25234"
},
{
"name": "17114",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "23919",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23919"
},
{
"name": "1015772",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015772"
},
{
"name": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32",
"refsource": "CONFIRM",
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "592",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/592"
},
{
"name": "19247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1262",
"datePublished": "2006-03-19T02:00:00.000Z",
"dateReserved": "2006-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:28.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6382 (GCVE-0-2008-6382)
Vulnerability from cvelistv5 – Published: 2009-03-02 19:00 – Updated: 2024-08-07 11:27
VLAI
EPSS
VEX
Summary
ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/32889 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/50372 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/7316 | exploitx_refsource_EXPLOIT-DB |
Date Public
2008-12-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:27:35.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32889"
},
{
"name": "50372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50372"
},
{
"name": "7316",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32889"
},
{
"name": "50372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50372"
},
{
"name": "7316",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32889"
},
{
"name": "50372",
"refsource": "OSVDB",
"url": "http://osvdb.org/50372"
},
{
"name": "7316",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6382",
"datePublished": "2009-03-02T19:00:00.000Z",
"dateReserved": "2009-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:27:35.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5268 (GCVE-0-2008-5268)
Vulnerability from cvelistv5 – Published: 2008-11-28 18:26 – Updated: 2024-08-07 10:49
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/4653 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/5775 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/493302/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/29631 | vdb-entryx_refsource_BID |
Date Public
2008-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4653",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4653"
},
{
"name": "5775",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5775"
},
{
"name": "20080612 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493302/100/0/threaded"
},
{
"name": "aspportal-reply-sql-injection(42977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42977"
},
{
"name": "29631",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4653",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4653"
},
{
"name": "5775",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5775"
},
{
"name": "20080612 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493302/100/0/threaded"
},
{
"name": "aspportal-reply-sql-injection(42977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42977"
},
{
"name": "29631",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4653",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4653"
},
{
"name": "5775",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5775"
},
{
"name": "20080612 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493302/100/0/threaded"
},
{
"name": "aspportal-reply-sql-injection(42977)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42977"
},
{
"name": "29631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5268",
"datePublished": "2008-11-28T18:26:00.000Z",
"dateReserved": "2008-11-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:49:12.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5879 (GCVE-0-2006-5879)
Vulnerability from cvelistv5 – Published: 2006-11-14 19:00 – Updated: 2024-08-07 20:04
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/2762 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/22845 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/21039 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/4461 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/451384/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2762"
},
{
"name": "22845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22845"
},
{
"name": "aspportal-default1-sql-injection(30186)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30186"
},
{
"name": "21039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21039"
},
{
"name": "ADV-2006-4461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4461"
},
{
"name": "20061112 ASPPortal \u003c= 4.0.0 (default1.asp) Remote SQL Injection Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451384/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2762"
},
{
"name": "22845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22845"
},
{
"name": "aspportal-default1-sql-injection(30186)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30186"
},
{
"name": "21039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21039"
},
{
"name": "ADV-2006-4461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4461"
},
{
"name": "20061112 ASPPortal \u003c= 4.0.0 (default1.asp) Remote SQL Injection Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451384/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2762",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2762"
},
{
"name": "22845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22845"
},
{
"name": "aspportal-default1-sql-injection(30186)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30186"
},
{
"name": "21039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21039"
},
{
"name": "ADV-2006-4461",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4461"
},
{
"name": "20061112 ASPPortal \u003c= 4.0.0 (default1.asp) Remote SQL Injection Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451384/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5879",
"datePublished": "2006-11-14T19:00:00.000Z",
"dateReserved": "2006-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:04:55.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1353 (GCVE-0-2006-1353)
Vulnerability from cvelistv5 – Published: 2006-03-22 02:00 – Updated: 2024-08-07 17:12
VLAI
EPSS
VEX
Summary
Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2006-03-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:20.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
},
{
"name": "24091",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24091"
},
{
"name": "19286",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19286"
},
{
"name": "24092",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24092"
},
{
"name": "24090",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nukedx.com/?viewdoc=21"
},
{
"name": "24086",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24086"
},
{
"name": "aspportal-multiple-aspscripts-sql-injection(25346)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
},
{
"name": "608",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/608"
},
{
"name": "24085",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24085"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
},
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
},
{
"name": "24084",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24084"
},
{
"name": "17174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17174"
},
{
"name": "ADV-2006-1014",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1014"
},
{
"name": "24020",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24020"
},
{
"name": "24087",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24087"
},
{
"name": "24088",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
},
{
"name": "24091",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24091"
},
{
"name": "19286",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19286"
},
{
"name": "24092",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24092"
},
{
"name": "24090",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nukedx.com/?viewdoc=21"
},
{
"name": "24086",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24086"
},
{
"name": "aspportal-multiple-aspscripts-sql-injection(25346)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
},
{
"name": "608",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/608"
},
{
"name": "24085",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24085"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
},
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
},
{
"name": "24084",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24084"
},
{
"name": "17174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17174"
},
{
"name": "ADV-2006-1014",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1014"
},
{
"name": "24020",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24020"
},
{
"name": "24087",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24087"
},
{
"name": "24088",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
},
{
"name": "24091",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24091"
},
{
"name": "19286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19286"
},
{
"name": "24092",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24092"
},
{
"name": "24090",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24090"
},
{
"name": "http://www.nukedx.com/?viewdoc=21",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=21"
},
{
"name": "24086",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24086"
},
{
"name": "aspportal-multiple-aspscripts-sql-injection(25346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
},
{
"name": "608",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/608"
},
{
"name": "24085",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24085"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
},
{
"name": "20060322 Re: [SPAM:] - ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
},
{
"name": "24084",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24084"
},
{
"name": "17174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17174"
},
{
"name": "ADV-2006-1014",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1014"
},
{
"name": "24020",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24020"
},
{
"name": "24087",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24087"
},
{
"name": "24088",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal \u003c= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1353",
"datePublished": "2006-03-22T02:00:00.000Z",
"dateReserved": "2006-03-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:20.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1261 (GCVE-0-2006-1261)
Vulnerability from cvelistv5 – Published: 2006-03-19 02:00 – Updated: 2024-08-07 17:03
VLAI
EPSS
VEX
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/17114 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1015772 | vdb-entryx_refsource_SECTRACK |
| http://www.aspportal.net/content/news/News_Item.a… | x_refsource_CONFIRM |
| http://www.osvdb.org/23920 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/19247 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=114243660409338&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-03-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "aspportal-multiple-xss(25235)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25235"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "23920",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23920"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "aspportal-multiple-xss(25235)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25235"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "23920",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23920"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17114",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "aspportal-multiple-xss(25235)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25235"
},
{
"name": "1015772",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015772"
},
{
"name": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32",
"refsource": "CONFIRM",
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "23920",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23920"
},
{
"name": "19247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1261",
"datePublished": "2006-03-19T02:00:00.000Z",
"dateReserved": "2006-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:28.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1262 (GCVE-0-2006-1262)
Vulnerability from cvelistv5 – Published: 2006-03-19 02:00 – Updated: 2024-08-07 17:03
VLAI
EPSS
VEX
Summary
Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/17114 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/23919 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1015772 | vdb-entryx_refsource_SECTRACK |
| http://www.aspportal.net/content/news/News_Item.a… | x_refsource_CONFIRM |
| http://securityreason.com/securityalert/592 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/19247 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=114243660409338&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "aspportal-multiple-scripts-sql-injection(25234)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25234"
},
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "23919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23919"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "592",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/592"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "aspportal-multiple-scripts-sql-injection(25234)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25234"
},
{
"name": "17114",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "23919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23919"
},
{
"name": "1015772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "592",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/592"
},
{
"name": "19247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "aspportal-multiple-scripts-sql-injection(25234)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25234"
},
{
"name": "17114",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17114"
},
{
"name": "20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1517.html"
},
{
"name": "23919",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23919"
},
{
"name": "1015772",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015772"
},
{
"name": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32",
"refsource": "CONFIRM",
"url": "http://www.aspportal.net/content/news/News_Item.asp?content_ID=32"
},
{
"name": "592",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/592"
},
{
"name": "19247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19247"
},
{
"name": "20060315 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=114243660409338\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1262",
"datePublished": "2006-03-19T02:00:00.000Z",
"dateReserved": "2006-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:28.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}