Vulnerabilities > Boesch IT Consulting
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-27 | CVE-2006-5560 | Cross-Site Scripting vulnerability in Boesch It-Consulting Progsys Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. | 4.3 |
2006-10-26 | CVE-2006-5530 | Cross-Site Scripting vulnerability in Boesch It-Consulting Simpnews 2.0.1/2.13/2.30 Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/index.php, (2) admin/pwlost.php, and unspecified other files. | 4.3 |
2006-09-23 | CVE-2006-4944 | Code Injection vulnerability in Boesch It-Consulting Progsys PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter. | 7.5 |