[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multiple Vulnerabilities in phpScheduleIt

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Multiple Vulnerabilities in phpScheduleIt
From: Nick Korbel <nkorbel@xxxxxxxxxxx>
Date: 17 Sep 2004 22:02:43 -0000

In-Reply-To: <20040831195301.5769.qmail@xxxxxxxxxxxxxxxxxxxxx>

This vulnerability has been fixed in version 1.0.0.  Please download and 
upgrade 
http://sourceforge.net/project/showfiles.php?group_id=95547&package_id=101920&release_id=267509

>--------------------------------------------------------------------------- 
>              Multiple Vulnerabilities in phpScheduleIt 
>--------------------------------------------------------------------------- 
> 
>Author: Joxean Koret 
>Date: 2004  
>Location: Basque Country 
> 
>--------------------------------------------------------------------------- 
> 
>Affected software description: 
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
> 
>phpScheduleIt 1.0.0 RC1 
> 
>phpScheduleIt is a web application that attempts 
>to solve the problem of  
>scheduling and managing resource utilization. It 
>provides a permissions-based  
>calendar that allows users to self-register and 
>reserve resources and the  
>tools to manage those reservations. 
> 
>Some typical applications are conference room, 
>equipment, or work shift scheduling. 
> 
>Web : http://www.php.brickhost.com/ 
> 
>--------------------------------------------------------------------------- 
> 
>Vulnerabilities: 
>~~~~~~~~~~~~~~~~ 
> 
>A. Multiple Cross Site Scripting Vulnerabilities 

>B. Privilege Excalation Vulnerabilities

Prev by Date: Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability.
Next by Date: Sudo Exploit by Rosiello Security
Previous by thread: Multiple Vulnerabilities in phpScheduleIt
Next by thread: MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service
Index(es):
- Date
- Thread