Iatek : Security Vulnerabilities, CVEs, CVSS score >= 5
SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-03-20
Updated
2017-09-29
Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
Max CVSS
6.8
EPSS Score
0.95%
Published
2005-12-22
Updated
2013-07-18
SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
Max CVSS
7.5
EPSS Score
0.18%
Published
2005-05-02
Updated
2008-09-05
SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter.
Max CVSS
7.5
EPSS Score
0.28%
Published
2005-05-02
Updated
2017-07-11
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.
Max CVSS
5.0
EPSS Score
3.80%
Published
2004-01-04
Updated
2017-07-11
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.
Max CVSS
10.0
EPSS Score
0.17%
Published
2002-12-31
Updated
2017-07-11
6 vulnerabilities found