2 matches found
CVE-2006-3095
CVE-2006-3095 affects iPostMX 2005 2.0 and earlier. The vulnerability is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via the RETURNURL parameter in userlogin.cfm and account.cfm. The NVD entry provides a CVSS v2 base score of 4.3 (M...
CVE-2006-3096
CVE-2006-3096: Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL via user-controlled input in (1) the forum parameter in messagepost.cfm and (2) the topic parameter in topics.cfm. Root cause described as improper handling of inp...