Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5426
PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote malicious users to execute arbitrary PHP code via a URL in the LIBDIR parameter.
Local Calendar System Local Calendar System 1.1
1 EDB exploit
NA
CVE-2014-7138
Cross-site scripting (XSS) vulnerability in the Google Calendar Events plugin prior to 2.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the gce_feed_ids parameter in a gce_ajax action to wp-admin/admin-ajax.php.
Google Calendar Events Project Google Calendar Events
NA
CVE-2006-0206
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and previous versions allows remote malicious users to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
Light Weight Calendar Light Weight Calendar 1.0
1 EDB exploit
NA
CVE-2008-2749
Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote malicious users to cause a denial of service (daemon crash) via unspecified vectors.
Sun Java System Calendar Server 6.3
Sun Java System Calendar Server 6
Sun One Calendar Server 6.0
NA
CVE-2009-1219
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 up to and including 6.3-7.01 allows remote malicious users to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters i...
Sun Java System Calendar Server 6
Sun Java System Calendar Server 6.3
Sun One Calendar Server 6.0
1 EDB exploit
NA
CVE-2009-3157
Cross-site scripting (XSS) vulnerability in the Calendar module 6.x prior to 6.x-2.2 for Drupal allows remote authenticated users, with "create new content types" privileges, to inject arbitrary web script or HTML via the title of a content type.
Karen Stevenson Calendar 6.x-2.0
Karen Stevenson Calendar 6.x-2.1
Karen Stevenson Calendar 6.x-2.x-dev
NA
CVE-2009-1218
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 up to and including 6.3-7.01 allow remote malicious users to inject arbitrary web script or HTML via (1) the fmt-out ...
Sun Java System Calendar Server 6
Sun Java System Calendar Server 6.3
Sun One Calendar Server 6.0
1 EDB exploit
NA
CVE-2008-5737
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Nodstrum Mysql Calendar 1.2
Nodstrum Mysql Calendar 1.1
1 EDB exploit
NA
CVE-2008-5738
Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
Nodstrum Mysql Calendar 1.1
Nodstrum Mysql Calendar 1.2
1 EDB exploit
5.4
CVSSv3
CVE-2023-3787
A vulnerability classified as problematic was found in Codecanyon Tiva Events Calender 1.4. This vulnerability affects unknown code. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the pu...
Tiva Events Calendar Project Tiva Events Calendar 1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »