Sign in Subscribe

← All vendors

Vendor

Primoris Software

Products

1

CVEs

2

Across products

2

Status

Private

Products

1

Officeflow
2 CVEs

Recent CVEs

2

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2006-2953		0.00	—	0.01		Jun 12, 2006	Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow 2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the sqlType parameter.
CVE-2006-2954		0.00	—	0.01		Jun 12, 2006	SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter.

CVE-2006-2953Jun 12, 2006
risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow 2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the sqlType parameter.
CVE-2006-2954Jun 12, 2006
risk 0.00cvss —epss 0.01
SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter.