XLineSoft ASPRunner 1.0/2.x - Database Direct Request Information Disclosure

EDB-ID:

24317




Platform:

ASP

Date:

2004-07-26


source: https://www.securityfocus.com/bid/10799/info
  
ASPRunner is reported prone to multiple vulnerabilities. The reported issues include SQL injection, cross-site scripting, information disclosure and unauthorized access to database files.
  
ASPRunner versions 2.4 and prior are affect by these issues.

http://www.example.com/db/[DB-FILE-NAME]