VYPR

Boltwire

by Boltwire

CVEs (4)

  • CVE-2023-46501Nov 7, 2023
    risk 0.01cvss epss 0.01

    An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function.

  • CVE-2022-24227Feb 15, 2022
    risk 0.00cvss epss 0.02

    A cross-site scripting (XSS) vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters.

  • CVE-2013-0737Jan 2, 2020
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the fieldnames parameter.

  • CVE-2013-2651Oct 23, 2013
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) "p" or (2) content parameter to index.php.