Swsoft: >> Confixx >> 3.0.6 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.
CVSS Score
4.3
EPSS Score
0.021
Published
2006-05-17
SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter.
CVSS Score
7.5
EPSS Score
0.017
Published
2006-04-13
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
CVSS Score
7.5
EPSS Score
0.012
Published
2005-05-02