Vulnerabilities > Boesch IT Consulting > Progsys
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-27 | CVE-2006-5560 | Cross-Site Scripting vulnerability in Boesch It-Consulting Progsys Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. | 4.3 |
| 2006-09-23 | CVE-2006-4944 | Code Injection vulnerability in Boesch It-Consulting Progsys PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter. | 7.5 |