Vulnerabilities > Electricmonk > Proms > 0.7

DATE CVE VULNERABILITY TITLE RISK
2005-05-24 CVE-2005-1736 Remote Security vulnerability in Proms
PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.
network
low complexity
electricmonk
7.5
7.5
2005-05-24 CVE-2005-1735 Unspecified vulnerability in Electricmonk Proms
Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0.11 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
network
electricmonk
4.3
4.3
2005-05-24 CVE-2005-1734 Unspecified vulnerability in Electricmonk Proms
Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
electricmonk
7.5
7.5