| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-6274 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) day or (2) year parameter.
|
08-08-2017 - 01:29 | 07-12-2007 - 11:46 | |
| CVE-2007-6266 | 7.5 |
Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/rate
|
08-08-2017 - 01:29 | 07-12-2007 - 11:46 | |
| CVE-2007-5104 | 7.5 |
SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provenance of this information is unknown; the details are
|
29-07-2017 - 01:33 | 26-09-2007 - 22:17 | |
| CVE-2007-6275 | 7.5 |
SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266.
|
03-09-2009 - 04:00 | 07-12-2007 - 11:46 | |
| CVE-2007-6365 | 4.3 |
Cross-site scripting (XSS) vulnerability in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 allows remote attackers to inject arbitrary web script or HTML via the month parameter. NOTE: the provenance of this information is unknown; t
|
05-09-2008 - 21:33 | 15-12-2007 - 01:46 |