RSS   Vulnerabilities for 'Proman xpress'   RSS

2012-08-13
 
CVE-2012-4266

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.

 
 
CVE-2012-4265

CWE-89
 

 
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

 

 >>> Vendor: Itechscripts 8 Products
Auction script
Itechclassifieds
Itechbids
Classifieds script
Travelon express
Proman xpress
Gigs script
B2b script


Copyright 2024, cxsecurity.com

 

Back to Top