VYPR

Confixx

by Swsoft

CVEs (7)

  • CVE-2007-4009Jul 26, 2007
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter.

  • CVE-2006-2423May 17, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.

  • CVE-2006-1759Apr 13, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter.

  • CVE-2006-1754Apr 13, 2006
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter.

  • CVE-2006-3179Jun 23, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter.

  • CVE-2006-3180Jun 23, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter.

  • CVE-2005-1302May 2, 2005
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.