Vulnerabilities > Postnuke Software Foundation > Postcalendar > High

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-1787	SQL Injection vulnerability in Postnuke Software Foundation Postcalendar 4.0.0 SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries. network low complexity postnuke-software-foundation	7.5
2002-08-12	CVE-2002-0739	Cross-Site Scripting vulnerability in Postnuke Software Foundation Postcalendar 3.0 Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. network low complexity postnuke-software-foundation	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.