6 matches found
Sql injection
SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter...
CVE-2006-2258
Cross-site scripting XSS vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter...
CVE-2006-2258
The CVE-2006-2258 entry describes a Cross-site scripting (XSS) vulnerability in Logon.asp of MaxxSchedule 1.0, exploitable via the Error parameter to inject arbitrary script/HTML. The issue affects the Logon.asp component of MaxxSchedule 1.0 and arises from improper handling of the Error paramete...
CVE-2006-2259
This CVE (CVE-2006-2259) is a SQL injection vulnerability in Logon.asp of MaxxSchedule 1.0, exploitable via the txtLogon parameter to execute arbitrary SQL commands. The NVD entry specifies a base score of 7.5 (HIGH) with network attack vector and low attack complexity, indicating remote exposure...
CVE-2006-2259
SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter...