2 matches found
CVE-2008-3348
The CVE-2008-3348 issue affects MyioSoft EasyDynamicPages 3.0 trial edition (tr). The vulnerable component is staticpages/easycalendar/index.php, where the year parameter enables cross-site scripting (XSS). The underlying effect is that remote attackers can inject arbitrary web script or HTML, po...
CVE-2008-3347
The CVE-2008-3347 entry describes an SQL injection in MyioSoft EasyDynamicPages 3.0 trial edition (tr) affecting staticpages/easycalendar/index.php, exploitable via the read parameter to allow remote SQL commands. The base score is 7.5 (HIGH) per NVD, with network attack vector and low complexity...