5 matches found
BosDev BosDates 3.x SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9639/info An SQL injection vulnerability has been reported to affect BosDates calendar system. The issue arises due to insufficient sanitization of user supplied data. As a result of this issue an attacker could modify th...
CVE-2008-1211
Cross-site scripting XSS vulnerability in BosDates 3.x and 4.x allows remote attackers to inject arbitrary web script or HTML via 1 the type parameter in calendar.php and 2 the category parameter in calendarsearch.php. NOTE: the provenance of this information is unknown; the details are obtained...
BosDates v4.0 SQL vuln
BosDates v4.0 SQL vuln Vuln. dicovered by : r0t Date: 26 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/bosdates-v40-sql-vuln.html Vendor:http://www.bosdev.com/bosdates/ affected version: BosDates v4.0 and prior Product description: The BosDates event calendar is a flexible calend...
ZH2004-05SA (security advisory): Sql Injection Vulnerability in BosDates
ZH2004-05SA security advisory: Sql Injection Vulnerability in BosDates Published: 11 february 2004 Released: 11 february 2004 Name: BosDates Affected Systems: current and prior versions Issue: Sql Injection Vulnerability Author: G00db0y from Zone-h Security Labs - [email protected] Vendor:...
BosDev BosDates 3.x - SQL Injection
source: https://www.securityfocus.com/bid/9639/info An SQL injection vulnerability has been reported to affect BosDates calendar system. The issue arises due to insufficient sanitization of user supplied data. As a result of this issue an attacker could modify the logic and structure of database...