Aeries : Security Vulnerabilities, CVEs, CVSS score >= 5
Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942.
Max CVSS
6.8
EPSS Score
0.20%
Published
2008-03-31
Updated
2018-10-11
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-25
Updated
2018-10-15
SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-25
Updated
2018-10-15
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.50%
Published
2007-12-24
Updated
2018-10-15
4 vulnerabilities found