Vulnerabilities > CVE-2007-1111 - Unspecified vulnerability in Activecalendar 1.2.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
activecalendar
exploit available
NVD
Published: 2007-02-26
Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.

Vulnerable Configurations

Part Description Count
Application
Activecalendar
1

Exploit-Db

  • descriptionActive Calendar 1.2 data/m_3.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29649
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29649/
    titleActive Calendar 1.2 data/m_3.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/m_4.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29650
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29650/
    titleActive Calendar 1.2 data/m_4.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/flatevents.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29646
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29646/
    titleActive Calendar 1.2 data/flatevents.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/y_2.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29651
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29651/
    titleActive Calendar 1.2 data/y_2.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/y_3.php css Parameter XSS. CVE-2007-1111 . Webapps exploit for php platform
    idEDB-ID:29652
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29652/
    titleActive Calendar 1.2 data/y_3.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/m_2.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29648
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29648/
    titleActive Calendar 1.2 data/m_2.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/mysqlevents.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29653
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29653/
    titleActive Calendar 1.2 data/mysqlevents.php css Parameter XSS
  • descriptionActive Calendar 1.2 data/js.php css Parameter XSS. CVE-2007-1111. Webapps exploit for php platform
    idEDB-ID:29647
    last seen2016-02-03
    modified2007-02-24
    published2007-02-24
    reporterSimon Bonnard
    sourcehttps://www.exploit-db.com/download/29647/
    titleActive Calendar 1.2 data/js.php css Parameter XSS

References