Vulnerabilities > Bcoos > Bcoos > 1.0.13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-24 | CVE-2008-7036 | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters. | 4.3 |
2008-05-20 | CVE-2008-2350 | Path Traversal vulnerability in Bcoos Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. | 5.0 |