CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Clientexec: Security Vulnerabilities

CVE-2007-2805

Multiple cross-site scripting (XSS) vulnerabilities in index.php in ClientExec (CE) 3.0 beta2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) ticketID, (2) view, and (3) fuse parameters.

CVSS Score

4.3

EPSS Score

0.004

Published

2007-05-22

CVE-2005-4630

SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters.

CVSS Score

7.5

EPSS Score

0.01

Published

2005-12-31

CVE-2004-1590

Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.

CVSS Score

5.0

EPSS Score

0.004

Published

2004-12-31

Page 1

Vulnerabilities

Vulnerable Software

Clientexec: Security Vulnerabilities

Products

Pricing

Contact Us