Swsoft: >> Confixx >> 3.0.6 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.
CVSS Score
4.3
EPSS Score
0.01
Published
2006-05-17
SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter.
CVSS Score
7.5
EPSS Score
0.016
Published
2006-04-13
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
CVSS Score
7.5
EPSS Score
0.006
Published
2005-05-02