Filtered by vendor Activewebsoftwares
Subscribe
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5641 | 1 Activewebsoftwares | 1 Active Photo Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-6873 | 1 Activewebsoftwares | 1 Active Web Mail | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx. | |||||
| CVE-2008-6889 | 1 Activewebsoftwares | 1 Aspreferral | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | |||||
| CVE-2008-5973 | 1 Activewebsoftwares | 1 Active Web Mail | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-5972 | 1 Activewebsoftwares | 1 Active Business Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2009-4436 | 1 Activewebsoftwares | 1 Ewebquiz | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706. | |||||
| CVE-2008-6286 | 1 Activewebsoftwares | 1 Active Newsletter | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote attackers to execute arbitrary SQL commands via (1) the email parameter (aka username or E-mail field), or (2) the password parameter (aka password field), to (a) Subscriber.asp or (b) start.asp. NOTE: some of these details are obtained from third party information. | |||||