Bugtraq mailing list archives
Re: Multiple Vulnerabilities in phpScheduleIt
From: Nick Korbel <nkorbel () hotmail com>
Date: 17 Sep 2004 22:02:43 -0000
In-Reply-To: <20040831195301.5769.qmail () www securityfocus com> This vulnerability has been fixed in version 1.0.0. Please download and upgrade http://sourceforge.net/project/showfiles.php?group_id=95547&package_id=101920&release_id=267509
--------------------------------------------------------------------------- Multiple Vulnerabilities in phpScheduleIt --------------------------------------------------------------------------- Author: Joxean Koret Date: 2004 Location: Basque Country --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ phpScheduleIt 1.0.0 RC1 phpScheduleIt is a web application that attempts to solve the problem of scheduling and managing resource utilization. It provides a permissions-based calendar that allows users to self-register and reserve resources and the tools to manage those reservations. Some typical applications are conference room, equipment, or work shift scheduling. Web : http://www.php.brickhost.com/ --------------------------------------------------------------------------- Vulnerabilities: ~~~~~~~~~~~~~~~~ A. Multiple Cross Site Scripting Vulnerabilities
B. Privilege Excalation Vulnerabilities
Current thread:
- Re: Multiple Vulnerabilities in phpScheduleIt Nick Korbel (Sep 18)