fullrevolution 漏洞與 CVE 列表(5)

產品(CPE): — CVE 數: 5

fullrevolution 漏洞概覽

彙總 fullrevolution 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 SQL 注入、跨站腳本與輸入驗證問題 相關,可能在 生產負載與軟體部署 場景中帶來 工作階段劫持與資料外洩 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 155 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2008-6978 Unrestricted file upload vulnerability in Full Revolution aspWebAlbum 3.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in pics/, related to the uploadmedia action in album.asp. [email protected] 6.8 4.29% 2009-08-19 2026-06-16
CVE-2008-6977 Cross-site scripting (XSS) vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a summary action. [email protected] 4.3 1.75% 2009-08-19 2026-06-16
CVE-2009-1223 aspWebCalendar Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for calendar/calendar.mdb. [email protected] 5.0 1.06% 2009-04-02 2026-06-16
CVE-2008-2832 Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/. [email protected] 10.0 11.80% 2008-06-24 2026-06-16
CVE-2004-1553 SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. [email protected] 7.5 2.38% 2004-12-31 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence