Vulnerabilities > Postnuke Software Foundation > Postcalendar

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-1787 SQL Injection vulnerability in Postnuke Software Foundation Postcalendar 4.0.0
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
network
low complexity
postnuke-software-foundation
7.5
2002-08-12 CVE-2002-0739 Cross-Site Scripting vulnerability in Postnuke Software Foundation Postcalendar 3.0
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.
network
low complexity
postnuke-software-foundation
7.5