Confixx
by Swsoft
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-4009 | 0.03 | — | 0.04 | Jul 26, 2007 | PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter. | |||
| CVE-2006-2423 | 0.03 | — | 0.02 | May 17, 2006 | Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter. | |||
| CVE-2006-1759 | 0.03 | — | 0.02 | Apr 13, 2006 | Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter. | |||
| CVE-2006-1754 | 0.03 | — | 0.02 | Apr 13, 2006 | SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter. | |||
| CVE-2006-3179 | 0.00 | — | 0.01 | Jun 23, 2006 | Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter. | |||
| CVE-2006-3180 | 0.00 | — | 0.01 | Jun 23, 2006 | Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter. | |||
| CVE-2005-1302 | 0.00 | — | 0.01 | May 2, 2005 | SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field. |
- CVE-2007-4009Jul 26, 2007risk 0.03cvss —epss 0.04
PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter.
- CVE-2006-2423May 17, 2006risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.
- CVE-2006-1759Apr 13, 2006risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter.
- CVE-2006-1754Apr 13, 2006risk 0.03cvss —epss 0.02
SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter.
- CVE-2006-3179Jun 23, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter.
- CVE-2006-3180Jun 23, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
- CVE-2005-1302May 2, 2005risk 0.00cvss —epss 0.01
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.