Vulnerabilities > Itechscripts > Proman Xpress > 5.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-13 | CVE-2012-4266 | Cross-Site Scripting vulnerability in Itechscripts Proman Xpress 5.0.1 Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. | 4.3 |
2012-08-13 | CVE-2012-4265 | SQL Injection vulnerability in Itechscripts Proman Xpress 5.0.1 SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |