Vulnerabilities > Webcalendar Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-25 | CVE-2024-22635 | Cross-site Scripting vulnerability in Webcalendar Project Webcalendar 1.3.0 WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php. | 6.1 |
2023-01-13 | CVE-2023-0289 | Unspecified vulnerability in Webcalendar Project Webcalendar Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webcalendar prior to master. | 5.4 |
2020-02-04 | CVE-2013-1422 | Information Exposure Through Discrepancy vulnerability in Webcalendar Project Webcalendar webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user"). | 5.3 |
2020-01-27 | CVE-2012-1496 | Injection vulnerability in Webcalendar Project Webcalendar Local file inclusion in WebCalendar before 1.2.5. | 8.8 |
2020-01-27 | CVE-2012-1495 | Injection vulnerability in Webcalendar Project Webcalendar install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | 9.8 |
2017-08-29 | CVE-2017-10841 | Path Traversal vulnerability in Webcalendar Project Webcalendar 1.2.7 Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | 4.9 |
2017-08-29 | CVE-2017-10840 | Cross-site Scripting vulnerability in Webcalendar Project Webcalendar 1.2.7 Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |