Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Boesch It-consulting Subscribe
Filtered by product Progsys
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5560 1 Boesch It-consulting 1 Progsys 2018-10-17 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. NOTE: some of these details are obtained from third party information.
CVE-2006-4944 1 Boesch It-consulting 1 Progsys 2017-10-18 7.5 HIGH N/A
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.