Codefixer : Security Vulnerabilities, CVEs,
SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2009-02-05
Updated
2009-02-05
CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb.
Max CVSS
5.0
EPSS Score
0.66%
Published
2009-03-02
Updated
2017-09-29
2 vulnerabilities found