Vulnerabilities > Ocean12 Technologies > Calendar Manager PRO > 1.00
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-09 | CVE-2006-2265 | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | 2.6 |
2006-05-09 | CVE-2006-2264 | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. | 6.5 |