Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

luxsoft luxcal web calendar vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2023-46700
SQL injection vulnerability in LuxCal Web Calendar before 5.2.4M (MySQL version) and LuxCal Web Calendar before 5.2.4L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information...
Luxsoft Luxcal Web Calendar
9.8
CVSSv3
CVE-2021-45914
In LuxSoft LuxCal Web Calendar prior to 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Luxsoft Luxcal
9.8
CVSSv3
CVE-2021-45915
In LuxSoft LuxCal Web Calendar prior to 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Luxsoft Luxcal
9.1
CVSSv3
CVE-2023-39939
SQL injection vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute arbitrary queries against the database and obtain or alter the information in it.
Luxsoft Luxcal Web Calendar
6.1
CVSSv3
CVE-2023-47175
Cross-site scripting vulnerability in LuxCal Web Calendar before 5.2.4M (MySQL version) and LuxCal Web Calendar before 5.2.4L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is accessing the product...
Luxsoft Luxcal Web Calendar
6.1
CVSSv3
CVE-2023-39543
Cross-site scripting vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is using the product.
Luxsoft Luxcal Web Calendar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook