MidnightBSD

Advisories for clientexec

CVE-2004-1590 MEDIUM

Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clientexec clientexec 2.2.1
CVE-2005-4630 HIGH

SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clientexec clientexec 2.3