This page aggregates publicly disclosed CVE and security risk information related to brain_book_software, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-4021 | Multiple cross-site scripting (XSS) vulnerabilities in login.php in Brain Book Software Secure 1.0.20070629 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters. | [email protected] | 4.3 | 0.25% | 2007-07-26 | 2026-04-23 |
| CVE-2007-4020 | Multiple cross-site scripting (XSS) vulnerabilities in login.php in AdMan 1.0.20051202 FF 3 patch and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters. | [email protected] | 4.3 | 0.47% | 2007-07-26 | 2026-04-23 |
| CVE-2006-1375 | AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php. | [email protected] | 5.0 | 0.57% | 2006-03-24 | 2026-04-16 |
| CVE-2006-1374 | SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter. | [email protected] | 7.5 | 0.51% | 2006-03-24 | 2026-04-16 |