In-Reply-To: <20040831195301.5769.qmail@xxxxxxxxxxxxxxxxxxxxx> This vulnerability has been fixed in version 1.0.0. Please download and upgrade http://sourceforge.net/project/showfiles.php?group_id=95547&package_id=101920&release_id=267509 >--------------------------------------------------------------------------- > Multiple Vulnerabilities in phpScheduleIt >--------------------------------------------------------------------------- > >Author: Joxean Koret >Date: 2004 >Location: Basque Country > >--------------------------------------------------------------------------- > >Affected software description: >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >phpScheduleIt 1.0.0 RC1 > >phpScheduleIt is a web application that attempts >to solve the problem of >scheduling and managing resource utilization. It >provides a permissions-based >calendar that allows users to self-register and >reserve resources and the >tools to manage those reservations. > >Some typical applications are conference room, >equipment, or work shift scheduling. > >Web : http://www.php.brickhost.com/ > >--------------------------------------------------------------------------- > >Vulnerabilities: >~~~~~~~~~~~~~~~~ > >A. Multiple Cross Site Scripting Vulnerabilities >B. Privilege Excalation Vulnerabilities
