Filtered by vendor Smartwin Technology Subscriptions
Filtered by product Cyberoffice Warehouse Builder Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-2179 1 Smartwin Technology 1 Cyberoffice Warehouse Builder 2024-11-21 N/A
Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm.
CVE-2006-2178 1 Smartwin Technology 1 Cyberoffice Warehouse Builder 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allow remote attackers to inject arbitrary web script or HTML via the (1) SessionID parameter to login.asp, (2) ProductIndex parameter to browse0.htm, (3) rowcolor parameter to result.asp, or (4) heading parameter to result.asp. NOTE: vectors 1 and 2 might be resultant from SQL injection.