IDCVSSSummaryLast (major) updatePublished
CVE-2008-6381 4.6
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
29-09-2017 - 01:33 02-03-2009 - 19:30
CVE-2007-6275 7.5
SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266.
03-09-2009 - 04:00 07-12-2007 - 11:46
CVE-2008-7036 4.3
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1
17-08-2017 - 01:29 24-08-2009 - 10:30
CVE-2007-6274 4.3
Multiple cross-site scripting (XSS) vulnerabilities in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) day or (2) year parameter.
08-08-2017 - 01:29 07-12-2007 - 11:46
Back to Top Mark selected
Back to Top