Aeries : Security Vulnerabilities, CVEs, CVSS score >= 5

CVE-2008-1549

Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942.
Max CVSS
6.8
EPSS Score
0.20%
Published
2008-03-31
Updated
2018-10-11

CVE-2008-0943

Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-25
Updated
2018-10-15

CVE-2008-0942

SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-25
Updated
2018-10-15

CVE-2007-6517

SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.50%
Published
2007-12-24
Updated
2018-10-15
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close