exploit-db-mirror/platforms/asp
Offensive Security 0d43a7fe09 DB: 2017-01-05
2 new exploits

Kaspersky 17.0.0 - Local CA root is Incorrectly Protected

XAMPP 1.7.4 - Multiple Cross-Site Scripting Vulnerabilities
XAMPP 1.7.4 - Cross-Site Scripting

phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting
phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting

ASPPortal 3.1.1 - (downloadid) SQL Injection
ASPPortal 3.1.1 - 'downloadid' Parameter SQL Injection

ASPPortal 4.0.0 - (default1.asp) SQL Injection
ASPPortal 4.0.0 - 'default1.asp' SQL Injection

ASPTicker 1.0 - (admin.asp) Login Bypass (SQL Injection)
ASPTicker 1.0 - Authentication Bypass

Active Photo Gallery - 'default.asp catid' SQL Injection
Active Photo Gallery - 'catid' Parameter SQL Injection

Active Trade 2 - 'default.asp catid' SQL Injection
Active Trade 2 - 'catid' Parameter SQL Injection

Active NewsLetter 4.3 - (ViewNewspapers.asp) SQL Injection
Active NewsLetter 4.3 - 'ViewNewspapers.asp' SQL Injection
SailPlanner 0.3a - (Authentication Bypass) SQL Injection
Bluo CMS 1.2 - (index.php id) Blind SQL Injection
SailPlanner 0.3a - Authentication Bypass
Bluo CMS 1.2 - Blind SQL Injection
ReVou Twitter Clone - (Authentication Bypass) SQL Injection
Ocean12 FAQ Manager Pro (ID) - Blind SQL Injection
Active Force Matrix 2 - (Authentication Bypass) SQL Injection
ASPReferral 5.3 - 'AccountID' Blind SQL Injection
ActiveVotes 2.2 - (Authentication Bypass) SQL Injection
Active Test 2.1 - (Authentication Bypass) SQL Injection
Active Websurvey 9.1 - (Authentication Bypass) SQL Injection
Active Membership 2 - (Authentication Bypass) SQL Injection
eWebquiz 8 - (Authentication Bypass) SQL Injection
Active NewsLetter 4.3 - (Authentication Bypass) SQL Injection
Active Web Mail 4 - (Authentication Bypass) SQL Injection
Active Trade 2 - (Authentication Bypass) SQL Injection
Active Price Comparison 4 - (Authentication Bypass) SQL Injection
PHP TV Portal 2.0 - (index.php mid) SQL Injection
ReVou Twitter Clone - Authentication Bypass
Ocean12 FAQ Manager Pro - 'ID' Parameter Blind SQL Injection
Active Force Matrix 2 - Authentication Bypass
ASPReferral 5.3 - 'AccountID' Parameter Blind SQL Injection
ActiveVotes 2.2 - Authentication Bypass
Active Test 2.1 - Authentication Bypass
Active Websurvey 9.1 - Authentication Bypass
Active Membership 2 - Authentication Bypass
eWebquiz 8 - Authentication Bypass
Active NewsLetter 4.3 - Authentication Bypass
Active Web Mail 4 - Authentication Bypass
Active Trade 2 - Authentication Bypass
Active Price Comparison 4 - Authentication Bypass
PHP TV Portal 2.0 - 'mid' Parameter SQL Injection
Active Price Comparison 4 - 'ProductID' Blind SQL Injection
Active Bids 3.5 - 'itemID' Blind SQL Injection
Active Price Comparison 4 - 'ProductID' Parameter Blind SQL Injection
Active Bids 3.5 - 'itemID' Parameter Blind SQL Injection
Active Web Helpdesk 2 - (Authentication Bypass) SQL Injection
Lito Lite CMS - 'cate.php cid' SQL Injection
Active Test 2.1 - 'QuizID' Blind SQL Injection
Active Web Helpdesk 2 - 'categoryId' Blind SQL Injection
Active Photo Gallery 6.2 - (Authentication Bypass) SQL Injection
Active Time Billing 3.2 - (Authentication Bypass) SQL Injection
Active Web Helpdesk 2 - Authentication Bypass
Lito Lite CMS - 'cid' Parameter SQL Injection
Active Test 2.1 - 'QuizID' Parameter Blind SQL Injection
Active Web Helpdesk 2 - 'categoryId' Parameter Blind SQL Injection
Active Photo Gallery 6.2 - Authentication Bypass
Active Time Billing 3.2 - Authentication Bypass

Quick Tree View .NET 3.1 - (qtv.mdb) Database Disclosure
Quick Tree View .NET 3.1 - Database Disclosure

z1exchange 1.0 - (edit.php site) SQL Injection
z1exchange 1.0 - 'site' Parameter SQL Injection
E.Z. Poll 2 - (Authentication Bypass) SQL Injection
ASPPortal 3.2.5 - (ASPPortal.mdb) Database Disclosure
bcoos 1.0.13 - (viewcat.php cid) SQL Injection
PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure
E.Z. Poll 2 - Authentication Bypass
ASPPortal 3.2.5 - Database Disclosure
bcoos 1.0.13 - 'viewcat.php' SQL Injection
PacPoll 4.0 - Database Disclosure
SunByte e-Flower - 'id' SQL Injection
Rapid Classified 3.1 - (cldb.mdb) Database Disclosure
Codefixer MailingListPro (MailingList.mdb) - Database Disclosure
Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection
SunByte e-Flower - 'id' Parameter SQL Injection
Rapid Classified 3.1 - Database Disclosure
Codefixer MailingListPro - Database Disclosure
Gallery MX 2.0.0 - Blind SQL Injection
Check New 4.52 - 'findoffice.php search' SQL Injection
Joomla! Component com_jmovies 1.1 - 'id' SQL Injection
Check New 4.52 - SQL Injection
Joomla! Component JMovies 1.1 - 'id' Parameter SQL Injection
Rae Media Contact MS - (Authentication Bypass) SQL Injection
Multi SEO phpBB 1.1.0 - (pfad) Remote File Inclusion
ccTiddly 1.7.4 - (cct_base) Multiple Remote File Inclusion
Rae Media Contact MS - Authentication Bypass
Multi SEO phpBB 1.1.0 - Remote File Inclusion
ccTiddly 1.7.4 - 'cct_base' Parameter Remote File Inclusion

Easy News Content Management - 'News.mdb' Database Disclosure
Easy News Content Management - Database Disclosure
My Simple Forum 3.0 - (index.php action) Local File Inclusion
Joomla! Component mydyngallery 1.4.2 - (Directory) SQL Injection
Gravity GTD 0.4.5 - (rpc.php objectname) Local File Inclusion / Remote Code Execution
My Simple Forum 3.0 - Local File Inclusion
Joomla! Component mydyngallery 1.4.2 - SQL Injection
Gravity GTD 0.4.5 - Local File Inclusion / Remote Code Execution
RankEm - 'rankup.asp siteID' SQL Injection
RankEm - (Authentication Bypass) SQL Injection
RankEm - 'siteID' Parameter SQL Injection
Rankem - Authentication Bypass
Merlix Teamworx Server - (File Disclosure/Bypass) Multiple Remote Vulnerabilities
Cold BBS - 'cforum.mdb' Remote Database Disclosure
Tizag Countdown Creator .v.3 - Insecure Upload
Merlix Teamworx Server - File Disclosure/Bypass
Cold BBS - Remote Database Disclosure
Tizag Countdown Creator 3 - Insecure Upload
ASP PORTAL - Multiple SQL Injections
ASPTicker 1.0 - (news.mdb) Remote Database Disclosure
ASP Portal - Multiple SQL Injections
ASPTicker 1.0 - Remote Database Disclosure
ASP PORTAL - 'xportal.mdb' Remote Database Disclosure
phpPgAdmin 4.2.1 - (_language) Local File Inclusion
ASP PORTAL - Remote Database Disclosure
phpPgAdmin 4.2.1 - '_language' Parameter Local File Inclusion
PayPal eStore - Admin Password Changing Exploit
Product Sale Framework 0.1b - (forum_topic_id) SQL Injection
PayPal eStore - Admin Password Change
Product Sale Framework 0.1b - SQL Injection

Mini-CMS 1.0.1 - 'index.php' Multiple Local File Inclusion
Mini-CMS 1.0.1 - 'index.php' Local File Inclusion

MG2 0.5.1 - 'Filename' Remote Code Execution
MG2 0.5.1 - 'filename' Parameter Remote Code Execution
dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
Poll Pro 2.0 - (Authentication Bypass) SQL Injection
Professional Download Assistant 0.1 - Authentication Bypass
Poll Pro 2.0 - Authentication Bypass

Peel Shopping 3.1 - (index.php rubid) SQL Injection
Peel Shopping 3.1 - 'rubid' Parameter SQL Injection

ProQuiz 1.0 - (Authentication Bypass) SQL Injection
ProQuiz 1.0 - Authentication Bypass

PHPmyGallery 1.5beta - (common-tpl-vars.php) Local File Inclusion / Remote File Inclusion
PHPmyGallery 1.5beta - 'common-tpl-vars.php' Local / Remote File Inclusion
HTMPL 1.11 - (htmpl_admin.cgi help) Command Execution
eZ Publish < 3.9.5/3.10.1/4.0.1 - Privilege Escalation
WebMaster Marketplace - 'member.php u' SQL Injection
HTMPL 1.11 - Command Execution
EZ Publish < 3.9.5/3.10.1/4.0.1 - Privilege Escalation
WebMaster Marketplace - SQL Injection

eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution (Admin Required)
EZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution (Admin Required)

eZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation
EZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation

ReVou Twitter Clone - Admin Password Changing Exploit
ReVou Twitter Clone - Admin Password Change

w3blabor CMS 3.3.0 - (Authentication Bypass) SQL Injection
w3blabor CMS 3.3.0 - Authentication Bypass

rankem - File Disclosure / Cross-Site Scripting / Cookie
Rankem - File Disclosure / Cross-Site Scripting / Cookie

revou twitter clone - Cross-Site Scripting / SQL Injection
Revou Twitter Clone - Cross-Site Scripting / SQL Injection

My Simple Forum 7.1 - (Local File Inclusion) Remote Command Execution
My Simple Forum 7.1 - Remote Command Execution

Mini-CMS 1.0.1 - (page.php id) SQL Injection
Mini-CMS 1.0.1 - 'page.php' SQL Injection

Texas Rankem - 'player.asp player_id' SQL Injection
Texas Rankem - 'player_id' Parameter SQL Injection

Mini-CMS RibaFS 1.0 - (Authentication Bypass) SQL Injection
Mini-CMS RibaFS 1.0 - Authentication Bypass

reVou Twitter Clone 2.0 Beta - SQL Injection / Cross-Site Scripting
ReVou Twitter Clone 2.0 Beta - SQL Injection / Cross-Site Scripting

Andy's PHP KnowledgeBase Project 0.95.4 - SQL Injection
Andy's PHP KnowledgeBase 0.95.4 - SQL Injection

Andy's PHP KnowledgeBase 0.95.2 - (viewusers.php) SQL Injection
Andy's PHP KnowledgeBase 0.95.2 - 'viewusers.php' SQL Injection

Peel SHOPPING 2.8/ 2.9 - Cross-Site Scripting / SQL Injections
Peel Shopping 2.8/ 2.9 - Cross-Site Scripting / SQL Injections

PluggedOut CMS 0.4.8 - admin.php contenttypeid Parameter SQL Injection
PluggedOut CMS 0.4.8 - 'contenttypeid' Parameter SQL Injection
Texas Rankem - player.asp selPlayer Parameter SQL Injection
Texas Rankem - tournaments.asp tournament_id Parameter SQL Injection
Texas Rankem - 'selPlayer' Parameter SQL Injection
Texas Rankem - 'tournament_id' Parameter SQL Injection
Rapid Classified 3.1 - viewad.asp id Parameter SQL Injection
Rapid Classified 3.1 - view_print.asp id Parameter Cross-Site Scripting
Rapid Classified 3.1 - search.asp SH1 Parameter Cross-Site Scripting
Rapid Classified 3.1 - reply.asp Multiple Parameter Cross-Site Scripting
Rapid Classified 3.1 - advsearch.asp Denial of Serviceearch Parameter Cross-Site Scripting
Rapid Classified 3.1 - 'viewad.asp' SQL Injection
Rapid Classified 3.1 - 'view_print.asp' Cross-Site Scripting
Rapid Classified 3.1 - 'search.asp' Cross-Site Scripting
Rapid Classified 3.1 - 'reply.asp' Cross-Site Scripting
Rapid Classified 3.1 - 'advsearch.asp' Cross-Site Scripting

WebTester 5.0.20060927 - directions.php typeID Parameter SQL Injection
WebTester 5.0.20060927 - 'typeID' Parameter SQL Injection

phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting
phpPgAdmin 4.1.1 - 'SQLEDIT.php' Cross-Site Scripting

Rapid Classified - AgencyCatResult.asp SQL Injection
Rapid Classified - 'AgencyCatResult.asp' SQL Injection
bcoos 1.0.10 - /myalbum/ratephoto.php lid Parameter SQL Injection
bcoos 1.0.10 - modules/mylinks/ratelink.php lid Parameter SQL Injection
bcoos 1.0.10 - 'ratephoto.php' SQL Injection
bcoos 1.0.10 - 'ratelink.php' SQL Injection

bcoos 1.0.10 - adresses/ratefile.php SQL Injection
bcoos 1.0.10 - 'ratefile.php' SQL Injection

bcoos 1.0.13 - 'include/common.php' Remote File Inclusion
bcoos 1.0.13 - 'common.php' Remote File Inclusion

bcoos 1.0.13 - 'modules/banners/click.php' SQL Injection
bcoos 1.0.13 - 'click.php' SQL Injection
Z1Exchange 1.0 - showads.php id Parameter SQL Injection
Z1Exchange 1.0 - showads.php id Parameter Cross-Site Scripting
Z1Exchange 1.0 - 'id' Parameter SQL Injection
Z1Exchange 1.0 - 'id' Parameter Cross-Site Scripting

dotnetindex Professional Download Assistant 0.1 - SQL Injection
Professional Download Assistant 0.1 - SQL Injection
Active Bids - search.asp search Parameter Cross-Site Scripting
Active Bids - search.asp search Parameter SQL Injection
Active Bids - 'search' Parameter Cross-Site Scripting
Active Bids - 'search' Parameter SQL Injection

eZ Publish 4.x 'ezjscore' Module - Cross-Site Scripting
EZ Publish 4.x 'ezjscore' Module - Cross-Site Scripting

Atlassian Confluence Jira 5.9.12 - Persistent Cross-Site Scripting
2017-01-05 05:01:17 +00:00
dos DB: 2016-09-03 2016-09-03 13:13:25 +00:00
remote DB: 2015-05-15 2015-05-15 05:02:32 +00:00
webapps DB: 2017-01-05 2017-01-05 05:01:17 +00:00