Iisworks - Listpics CVE

Filtered by vendor Iisworks Subscribe

Filtered by product Listpics

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2006-6350	1 Iisworks	1 Listpics	2024-02-04	10.0 HIGH	N/A
listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb.
CVE-2006-2989	1 Iisworks	1 Listpics	2024-02-04	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter.

Vulnerabilities (CVE)