Boesch It-Consulting: >> Progsys Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. NOTE: some of these details are obtained from third party information.
CVSS Score
4.3
EPSS Score
0.005
Published
2006-10-27
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
CVSS Score
7.5
EPSS Score
0.023
Published
2006-09-23