Lucene search
MaxxcodeMaxxschedule1.0
2 matches found
CVE-2006-2258
Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter.
2.6CVSS5.7AI score0.00622EPSS
CVE-2006-2259
SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter.
7.5CVSS8.4AI score0.00816EPSS