Lebisoft : Security Vulnerabilities, CVEs,
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb.
Max CVSS
5.0
EPSS Score
0.60%
Published
2010-03-23
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp in Lebisoft zdefter 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ad and (2) konu parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
4.3
EPSS Score
0.23%
Published
2007-06-26
Updated
2017-07-29
2 vulnerabilities found