Ezboxx : Security Vulnerabilities, CVEs,
SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter.
Max CVSS
7.5
EPSS Score
1.08%
Published
2007-01-16
Updated
2018-10-16
Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal System Beta 0.7.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the pic parameter to custom/piczoom.asp, (2) the nocatname parameter to boxx/user-upload.asp, or (3) the iid parameter to indexes/newscomments.asp.
Max CVSS
6.8
EPSS Score
2.81%
Published
2007-01-16
Updated
2018-10-16
Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to obtain sensitive information via an invalid cat parameter to boxx/knowledgebase.asp, which reveals the path in an error message.
Max CVSS
7.8
EPSS Score
0.84%
Published
2007-01-16
Updated
2018-10-16
3 vulnerabilities found