Known Vulnerabilities for products from Xlinesoft
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Xlinesoft".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2009-0964 json | UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows attacke... | 5 - MEDIUM | 2009-03-19 | 2018-10-10 |
| CVE-2009-0963 json | Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQ... | 7.5 - HIGH | 2009-03-19 | 2018-10-10 |
| CVE-2006-5956 json | XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) database names, (3) usernames, and (4) passwords in plaintex... | 2.1 - LOW | 2006-11-17 | 2008-09-05 |
| CVE-2004-2060 json | ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the data... | Not Provided | 2004-12-31 | 2025-04-03 |
| CVE-2004-2059 json | Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML ... | Not Provided | 2004-12-31 | 2025-04-03 |
| CVE-2004-2058 json | ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages. | Not Provided | 2004-12-31 | 2025-04-03 |
| CVE-2004-2057 json | SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements. | Not Provided | 2004-12-31 | 2025-04-03 |