Vulnerabilities > Sfiab

DATE	CVE	VULNERABILITY TITLE	RISK
2011-11-02	CVE-2010-5027	Cross-Site Scripting vulnerability in Sfiab Science Fair in A BOX 2.0.6/2.2.0 Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. network sfiab CWE-79	4.3
2011-11-02	CVE-2010-5026	SQL Injection vulnerability in Sfiab Science Fair in A BOX 2.0.6/2.2.0 SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. network sfiab CWE-89	6.8

Vulnerabilities > Sfiab {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sfiab"}]}