2 matches found
CVE-2009-2887
CVE-2009-2887 describes a Cross-site scripting (XSS) vulnerability in bios.php of PHP Scripts Now President Bios. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the rank parameter. The NVD entry provides a CVSS v2 base score of 4.3 (Medium) with network attac...
CVE-2009-2886
The CVE refers to a SQL injection vulnerability in the PHP Scripts Now product’s bios.php (President Bios) that allows remote attackers to execute arbitrary SQL commands through the rank parameter. Affected component: bios.php in the President Bios module. Root cause: improper input handling/unsa...