Vulnerabilities > Postnuke Software Foundation > Postcalendar
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-1787 | SQL Injection vulnerability in Postnuke Software Foundation Postcalendar 4.0.0 SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries. | 7.5 |
2002-08-12 | CVE-2002-0739 | Cross-Site Scripting vulnerability in Postnuke Software Foundation Postcalendar 3.0 Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. | 7.5 |