Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual calendar virtual calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0928
Virtual Calendar stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download an encoded password via a direct request for pwd.txt.
Virtual Calendar Virtual Calendar
NA
CVE-2007-0952
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar allow remote malicious users to inject arbitrary web script or HTML via the (1) t and (2) yr parameters, and the (3) sho parameter when the m parameter is outside the intended range.
Scriptsez.net Virtual Calendar
NA
CVE-2004-1423
Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar prior to 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote malicious users to execute arbitrary PHP code via a URL in the phpc_root_path parame...
Php-calendar Php-calendar 0.8
Php-calendar Php-calendar 0.9
Php-calendar Php-calendar 0.1
Php-calendar Php-calendar 0.2
Php-calendar Php-calendar 0.9.1
Php-calendar Php-calendar
Php-calendar Php-calendar 0.5
Php-calendar Php-calendar 0.6
Php-calendar Php-calendar 0.7
Php-calendar Php-calendar 0.3
Php-calendar Php-calendar 0.4
1 EDB exploit
4.3
CVSSv3
CVE-2023-6244
The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 (Pro) & 2.2.8 (Free). This is due to missing or incorrect nonce validation on the save_virtual_event_settings fun...
Myeventon Eventon
Myeventon Eventon-lite
6.5
CVSSv3
CVE-2023-6158
The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the evo_eventpost_update_meta function in all versions up to, and including, 4.5.4 (for Pro) and 2.2...
Myeventon Eventon
Myeventon Eventon-lite
4.3
CVSSv3
CVE-2023-6242
The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 (for Pro) & 2.2.7 (for Free). This is due to missing or incorrect nonce validation on the evo_eventpost_update_me...
Myeventon Eventon
Myeventon Eventon-lite
NA
CVE-2006-0027
Unspecified vulnerability in Microsoft Exchange allows remote malicious users to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.
Microsoft Exchange Server 2003
Microsoft Exchange Server 2000
NA
CVE-2003-0904
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. whe...
Microsoft Exchange Server 2003
Microsoft Sharepoint Services 2.0
Microsoft Windows Server 2003
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started