Boesch It-consulting : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.40%
Published
2006-10-27
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/index.php, (2) admin/pwlost.php, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.22%
Published
2006-10-26
Updated
2012-08-06
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Max CVSS
7.5
EPSS Score
1.85%
Published
2006-09-23
Updated
2017-10-19
3 vulnerabilities found