Vulnerabilities > Primoris Software
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-12 | CVE-2006-2954 | Input Validation vulnerability in OfficeFlow SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter. | 7.5 |
2006-06-12 | CVE-2006-2953 | Input Validation vulnerability in OfficeFlow Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow 2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the sqlType parameter. network primoris-software | 4.3 |