ByteOS Network

ifusionservices

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2008-7114

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-6.8||MEDIUM

EPSS-0.32% / 54.32%

7 Day CHG~0.00%

Published-28 Aug, 2009 | 15:00

Updated-07 Aug, 2024 | 11:56

SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field.

Vendor-ifusionservices n/a

Product-ifdate n/a

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2007-2713

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-2.04% / 83.11%

7 Day CHG~0.00%

Published-16 May, 2007 | 10:00

Updated-07 Aug, 2024 | 13:49

ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI.

Vendor-ifusionservices n/a

Product-ifdate n/a

CVE-2006-2663

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-0.55% / 67.07%

7 Day CHG~0.00%

Published-30 May, 2006 | 21:00

Updated-03 Apr, 2025 | 01:03

Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 allow remote attackers to inject arbitrary web script or HTML via certain inputs to (1) acc_verify.php or (2) project.php.

Vendor-ifusionservices n/a

Product-iflance n/a

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')