RSS   Vulnerabilities for 'Progsys'   RSS

2006-10-27
 
CVE-2006-5560

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. NOTE: some of these details are obtained from third party information.

 
2006-09-22
 
CVE-2006-4944

 

 
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.

 

 >>> Vendor: Boesch it-consulting 2 Products
Progsys
Simpnews


Copyright 2024, cxsecurity.com

 

Back to Top