Vulnerabilities > Ocean12 Technologies > Calendar Manager PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-09 | CVE-2006-2265 | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | 2.6 |
| 2006-05-09 | CVE-2006-2264 | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. | 6.5 |
| 2005-12-31 | CVE-2005-4657 | Authentication Bypass vulnerability in Ocean12 Technologies Calendar Manager PRO 1.01 Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. | 7.5 |
| 2005-05-02 | CVE-2005-1223 | SQL-Injection vulnerability in Ocean12 Technologies Calendar Manager PRO 1.01 Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to execute arbitrary SQL commands via the Admin_id field. | 7.5 |