Ezboxx » Portal System Beta : Security Vulnerabilities, CVEs, CVSS score >= 4
Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal System Beta 0.7.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the pic parameter to custom/piczoom.asp, (2) the nocatname parameter to boxx/user-upload.asp, or (3) the iid parameter to indexes/newscomments.asp.
Max CVSS
6.8
EPSS Score
2.03%
Published
2007-01-16
Updated
2018-10-16
1 vulnerabilities found