In-Reply-To: <20040831195301.5769.qmail (at) www.securityfocus (dot) com [email concealed]>
This vulnerability has been fixed in version 1.0.0. Please download and upgrade http://sourceforge.net/project/showfiles.php?group_id=95547&package_id=1
01920&release_id=267509
This vulnerability has been fixed in version 1.0.0. Please download and upgrade http://sourceforge.net/project/showfiles.php?group_id=95547&package_id=1
01920&release_id=267509
>-----------------------------------------------------------------------
----
> Multiple Vulnerabilities in phpScheduleIt
>-----------------------------------------------------------------------
----
>
>Author: Joxean Koret
>Date: 2004
>Location: Basque Country
>
>-----------------------------------------------------------------------
----
>
>Affected software description:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>phpScheduleIt 1.0.0 RC1
>
>phpScheduleIt is a web application that attempts
>to solve the problem of
>scheduling and managing resource utilization. It
>provides a permissions-based
>calendar that allows users to self-register and
>reserve resources and the
>tools to manage those reservations.
>
>Some typical applications are conference room,
>equipment, or work shift scheduling.
>
>Web : http://www.php.brickhost.com/
>
>-----------------------------------------------------------------------
----
>
>Vulnerabilities:
>~~~~~~~~~~~~~~~~
>
>A. Multiple Cross Site Scripting Vulnerabilities
>B. Privilege Excalation Vulnerabilities
[ reply ]