CVE Tools

fipsasp

Web & CMS Pluginscommercial

11

Cumulative CVEs

8

Monthly snapshots

#34

Peak rank

Top products

Latest CVEs

The 12 most recently published vulnerabilities affecting fipsasp.

CVE-2010-0765fipsForum 2.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for _database/forumFips.mdb.5.0Mar 2, 2010
CVE-2009-2022fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain sensitive information via ...5.0Jun 9, 2009
CVE-2008-3722SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; th...7.5Aug 20, 2008
CVE-2008-3417SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 a...7.5Jul 31, 2008
CVE-2008-2124SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter.7.5May 9, 2008
CVE-2007-2561SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115.7.5May 9, 2007
CVE-2006-6243Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) did parameter.7.5Dec 4, 2006
CVE-2006-6117SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the which parameter.7.5Nov 26, 2006
CVE-2006-6116SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the kat parameter.7.5Nov 26, 2006
CVE-2006-6115SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter.7.5Nov 26, 2006
CVE-2006-3031Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4...4.3Jun 15, 2006
CVE-2006-3022Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter.6.8Jun 15, 2006