2 matches found
PT-2025-44175
Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description IPFire versions prior to 2.29 Core Update 198 are susceptible to a stored cross-site scripting XSS issue. An authenticated attacker can inject arbitrary JavaScript code through the txt...
CVE-2008-5926
Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the 1 login parameter aka user field or the 2 password parameter aka pass field. NOTE: some of these details are obtained from third party information...