Asp User Engine CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-6494	1 Robs-projects	1 Asp User Engine.net	2025-04-09	N/A
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb.
CVE-2008-5601	1 Robs-projects	1 Asp User Engine	2025-04-09	N/A
User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb.

Page 1 of 1.