Vulnerabilities > Expinion NET > Member Management System > 2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-1844 | Cross-Site Scripting vulnerability in Expinion.net Member Management System Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. network expinion-net | 4.3 |
2004-03-20 | CVE-2004-1843 | SQL Injection vulnerability in Expinion.net Member Management System ID Parameter SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp. | 7.5 |