Vulnerabilities > Ezboxx > Ezboxx Portal System
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-16 | CVE-2007-0266 | Cross-Site Scripting vulnerability in Ezboxx Portal System Beta0.7.6 SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter. | 7.5 |
2007-01-16 | CVE-2007-0259 | Information Exposure vulnerability in Ezboxx Portal System Beta0.7.6 Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to obtain sensitive information via an invalid cat parameter to boxx/knowledgebase.asp, which reveals the path in an error message. | 7.8 |