7 results (0.002 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft Confixx Professional 3.2.1 allows remote attackers to execute arbitrary PHP code via a URL in an unspecified parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inclusión remota de archivo en PHP en fehler.inc.php en SWSoft Confixx Professional 3.2.1 permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en un parámetro no especificado. NOTA: la proveniencia de esta información es desconocida: los detalles se obtuvieron de terceras fuentes de información. • http://www.securityfocus.com/bid/26500 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en tools_ftp_pwaendern.php en Confixx Pro v.3.0 y posiblemente en versiones anteriores, permite a atacantes remotos inyectar código script web de su elección o HTML a través del parámetro account. • http://secunia.com/advisories/20728 http://securityreason.com/securityalert/1126 http://www.osvdb.org/26628 http://www.securityfocus.com/archive/1/437550/100/0/threaded http://www.securityfocus.com/bid/18523 http://www.vupen.com/english/advisories/2006/2429 https://exchange.xforce.ibmcloud.com/vulnerabilities/27222 •

CVSS: 6.8EPSS: 3%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter. Vulnerabilidad de jecución de secuencias de comandos en sitios cruzados (XSS) en ftp_index.php en Confixx Pro v3.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro "path". • http://archives.neohapsis.com/archives/bugtraq/2006-06/0383.html http://secunia.com/advisories/20728 http://www.osvdb.org/26629 http://www.securityfocus.com/bid/18426 http://www.vupen.com/english/advisories/2006/2429 https://exchange.xforce.ibmcloud.com/vulnerabilities/27222 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1

Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter. • https://www.exploit-db.com/exploits/27884 http://secunia.com/advisories/20105 http://securityreason.com/securityalert/687 http://securityreason.com/securityalert/903 http://www.osvdb.org/25525 http://www.securityfocus.com/archive/1/434034/100/0/threaded http://www.securityfocus.com/bid/17984 http://www.vupen.com/english/advisories/2006/1817 https://exchange.xforce.ibmcloud.com/vulnerabilities/26472 •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 4

Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter. • https://www.exploit-db.com/exploits/27623 http://secunia.com/advisories/19611 http://securitytracker.com/id?1015890 http://www.securityfocus.com/archive/1/430596/100/0/threaded http://www.securityfocus.com/bid/17466 http://www.vupen.com/english/advisories/2006/1331 https://exchange.xforce.ibmcloud.com/vulnerabilities/25748 •