Vulnerabilities > Ocean12 Technologies > Calendar Manager PRO > 1.00

DATE	CVE	VULNERABILITY TITLE	RISK
2006-05-09	CVE-2006-2265	Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. network high complexity ocean12-technologies	2.6
2006-05-09	CVE-2006-2264	Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. network low complexity ocean12-technologies	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.