Bosdates Security Vulnerabilities and Issues — Bosdates CVE List

BosdevBosdates

4 matches found

CVE•added 2005/11/30 11:0 a.m.•50 views

CVE-2005-3911

The CVE-2005-3911 entry describes multiple SQL injection vulnerabilities in BosDates 4.0 and earlier , affecting calendar.php . The issue allows remote attackers to execute arbitrary SQL commands via the (1) year and (2) category parameters) . Affected versions: BosDates 4.0 and earlier . Root ca...

7.5CVSS8.9AI score0.00822EPSS

CVE•added 2004/03/18 5:0 a.m.•43 views

CVE-2004-0275

CVE-2004-0275 describes a SQL injection vulnerability in BosDates

5CVSS7.7AI score0.0047EPSS

CVE•added 2006/08/01 9:0 p.m.•42 views

CVE-2006-3957

The CVE-2006-3957 issue affects BosDev BosDates, specifically the payment.php component. The vulnerability is a remote file inclusion that allows an attacker to craft a URL in the insPath parameter to cause the application to execute arbitrary PHP code on the server. This is a server-side code ex...

7.5CVSS7.9AI score0.02067EPSS

CVE•added 2008/03/08 12:0 a.m.•40 views

CVE-2008-1211

CVE-2008-1211 describes a cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x. An attacker can inject arbitrary web script or HTML by supplying crafted input to (1) the type parameter in calendar.php or (2) the category parameter in calendar_search.php. The provided sources (NVD and ...

4.3CVSS5.6AI score0.00324EPSS