Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
luxsoft luxcal web calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46700
SQL injection vulnerability in LuxCal Web Calendar before 5.2.4M (MySQL version) and LuxCal Web Calendar before 5.2.4L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information...
Luxsoft Luxcal Web Calendar
NA
CVE-2023-47175
Cross-site scripting vulnerability in LuxCal Web Calendar before 5.2.4M (MySQL version) and LuxCal Web Calendar before 5.2.4L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is accessing the product...
Luxsoft Luxcal Web Calendar
NA
CVE-2023-39543
Cross-site scripting vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is using the product.
Luxsoft Luxcal Web Calendar
NA
CVE-2023-39939
SQL injection vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute arbitrary queries against the database and obtain or alter the information in it.
Luxsoft Luxcal Web Calendar
668
VMScore
CVE-2021-45914
In LuxSoft LuxCal Web Calendar prior to 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Luxsoft Luxcal
668
VMScore
CVE-2021-45915
In LuxSoft LuxCal Web Calendar prior to 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Luxsoft Luxcal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started