Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| voxel | cbms | * |
Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| voxel | cbms | * |