Runawaysoft » Haber Portal : Security Vulnerabilities, CVEs,
SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
6.4
EPSS Score
0.43%
Published
2007-05-17
Updated
2017-10-11
RunawaySoft Haber portal 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/xice.mdb.
Max CVSS
5.0
EPSS Score
0.41%
Published
2007-05-17
Updated
2017-10-11
2 vulnerabilities found