Every CVE whose affected-product data names Xlinesoft Asprunner, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2004-2057 — CVSS 7.5 (high): SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements.
CVE-2004-2058 — CVSS 5.0 (medium): ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages.
CVE-2004-2059 — CVSS 5.0 (medium): Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1)…
CVE-2004-2060 — CVSS 5.0 (medium): ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a…