Brain Book Software: Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in login.php in AdMan 1.0.20051202 FF 3 patch and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.
CVSS Score
4.3
EPSS Score
0.005
Published
2007-07-26
Multiple cross-site scripting (XSS) vulnerabilities in login.php in Brain Book Software Secure 1.0.20070629 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-07-26
SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2006-03-24
AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
CVSS Score
5.0
EPSS Score
0.006
Published
2006-03-24