31 matches found
EUVD-2006-3950
Malware in sbrugna...
EUVD-2008-1220
Malware in sbrugna...
EUVD-2005-3906
Malware in sbrugna...
EUVD-2004-0275
Malware in sbrugna...
CVE-2006-3957
PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter...
BosDev BosDates 3.x SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9639/info An SQL injection vulnerability has been reported to affect BosDates calendar system. The issue arises due to insufficient sanitization of user supplied data. As a result of this issue an attacker could modify th...
Bosdates 3.x/4.0 Payment.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19191/info Bosdates is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...
BosDates 4.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15632/info BosDates is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...
CVE-2008-1211
Cross-site scripting XSS vulnerability in BosDates 3.x and 4.x allows remote attackers to inject arbitrary web script or HTML via 1 the type parameter in calendar.php and 2 the category parameter in calendarsearch.php. NOTE: the provenance of this information is unknown; the details are obtained...
Cross site scripting
Cross-site scripting XSS vulnerability in BosDates 3.x and 4.x allows remote attackers to inject arbitrary web script or HTML via 1 the type parameter in calendar.php and 2 the category parameter in calendarsearch.php. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2008-1211
Cross-site scripting XSS vulnerability in BosDates 3.x and 4.x allows remote attackers to inject arbitrary web script or HTML via 1 the type parameter in calendar.php and 2 the category parameter in calendarsearch.php. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2008-1211
CVE-2008-1211 describes a cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x. An attacker can inject arbitrary web script or HTML by supplying crafted input to (1) the type parameter in calendar.php or (2) the category parameter in calendar_search.php. The provided sources (NVD and ...
CVE-2006-3957
PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter...
CVE-2006-3957
PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter...
CVE-2006-3957
The CVE-2006-3957 issue affects BosDev BosDates, specifically the payment.php component. The vulnerability is a remote file inclusion that allows an attacker to craft a URL in the insPath parameter to cause the application to execute arbitrary PHP code on the server. This is a server-side code ex...
PT-2006-4803 · Bosdates · Bosdates
Name of the Vulnerable Software and Affected Versions: BosDates affected versions not specified Description: The issue concerns a remote file inclusion vulnerability in the payment.php file of BosDates. This vulnerability allows remote attackers to execute arbitrary PHP code by providing a URL in...
Bosdates 3.x4.0 - Payment.php Remote File Inclusion
Bosdates 3.x4.0 - Payment.php Remote File Inclusion source: https://www.securityfocus.com/bid/19191/info Bosdates is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
Bosdates 3.x/4.0 - 'Payment.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19191/info Bosdates is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the conte...
CVE-2005-3911
Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 category parameters...
CVE-2005-3911
The CVE-2005-3911 entry describes multiple SQL injection vulnerabilities in BosDates 4.0 and earlier , affecting calendar.php . The issue allows remote attackers to execute arbitrary SQL commands via the (1) year and (2) category parameters) . Affected versions: BosDates 4.0 and earlier . Root ca...