Vulnerabilities > Luxsoft > Luxcal WEB Calendar > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-20 | CVE-2023-46700 | SQL Injection vulnerability in Luxsoft Luxcal web Calendar SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database. | 9.8 |
| 2023-08-21 | CVE-2023-39939 | SQL Injection vulnerability in Luxsoft Luxcal web Calendar SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it. | 9.1 |