CVE-2006-2258

The CVE-2006-2258 entry describes a Cross-site scripting (XSS) vulnerability in Logon.asp of MaxxSchedule 1.0, exploitable via the Error parameter to inject arbitrary script/HTML. The issue affects the Logon.asp component of MaxxSchedule 1.0 and arises from improper handling of the Error paramete...

CVE-2006-2259

This CVE (CVE-2006-2259) is a SQL injection vulnerability in Logon.asp of MaxxSchedule 1.0, exploitable via the txtLogon parameter to execute arbitrary SQL commands. The NVD entry specifies a base score of 7.5 (HIGH) with network attack vector and low attack complexity, indicating remote exposure...