Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calendarix vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-1835
Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote malicious users to inject arbitrary web script or HTML via the ycyear parameter.
Vincent Hor Calendarix 0.6.2005-08-30
Vincent Hor Calendarix Advanced 1.5.2005-05-01
1 EDB exploit
7.5
CVSSv2
CVE-2008-2429
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote malicious users to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and ...
Calendarix Basic 0.8.20071118
7.5
CVSSv2
CVE-2006-4135
PHP remote file inclusion vulnerability in cal_config.inc.php in Calendarix 0.7.20060401 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the calpath parameter. NOTE: this issue has been disputed by a third party, who says that the af...
Vincent Hor Calendarix
5.1
CVSSv2
CVE-2006-3094
Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and previous versions, with magic_quotes_gpc disabled, allow remote malicious users to execute arbitrary SQL commands via the id parameter in (1) cal_event.php and (2) cal_popup.php.
Vincent Hor Calendarix Basic
7.5
CVSSv2
CVE-2005-1865
Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote malicious users to execute arbitrary SQL commands via the catview parameter to (1) cal_week.php, (2) cal_cat.php, or (3) cal_day.php, or (4) id parameter to cal_pophols.php.
Vincent Hor Calendarix Advanced 1.5
4.3
CVSSv2
CVE-2005-1866
Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote malicious users to inject arbitrary web script or HTML via the year parameter.
Vincent Hor Calendarix Advanced 1.5
5
CVSSv2
CVE-2005-1864
PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote malicious users to execute arbitrary PHP code via the calpath parameter.
Vincent Hor Calendarix Advanced 1.5
5
CVSSv2
CVE-2007-3259
Calendarix 0.7.20070307 allows remote malicious users to obtain sensitive information via (1) an invalid month[] parameter to calendar.php, (2) an invalid catview[] parameter to cal_week.php in a week operation, (3) an invalid ycyear[] parameter to yearcal.php, or (4) a direct re...
Vincent Hor Calendarix 0.7.2007-03-07
6.8
CVSSv2
CVE-2007-3183
Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) month and (2) year parameters to calendar.php and the (3) search string to cal_search.php.
Vincent Hor Calendarix 0.7.2007-03-07
1 EDB exploit
7.5
CVSSv2
CVE-2006-0492
Multiple SQL injection vulnerabilities in Calendarix allow remote malicious users to execute arbitrary SQL commands via (1) the catview parameter in cal_functions.inc.php and (2) the login parameter in cal_login.php. NOTE: the catview vector might overlap CVE-2005-1865.
Vincent Hor Calendarix 0.6.2005-08-30
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »