Vulnerabilities > Expinion NET > Member Management System > 2.1

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-1844	Cross-Site Scripting vulnerability in Expinion.net Member Management System Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. network expinion-net	4.3
2004-03-20	CVE-2004-1843	SQL Injection vulnerability in Expinion.net Member Management System ID Parameter SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp. network low complexity expinion-net	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.