2 matches found
CVE-2005-0302
SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header...
CVE-2005-0303
CVE-2005-0303 applies to BackOffice Lite 6.0 and 6.01, where two files (comersus_supportError.asp and comersus_backofficelite_supportError.asp) are vulnerable to cross-site scripting via the error parameter. The underlying issue is reflected XSS allowing remote attackers to inject arbitrary scrip...