index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ximdex | ximdex | 4.0 |
xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters for non-negative values of n, as demonstrated by n equal to 0 through 12.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ximdex | ximdex | 4.0 |
xowl/request.php in Ximdex 4.0 has XSS via the content parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ximdex | ximdex | 4.0 |
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ximdex | ximdex | 4.0 |