Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calendar vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-1252
Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote malicious users to execute arbitrary PHP code via the date parameter to index.php.
Light Weight Calendar Light Weight Calendar 1.0
1 EDB exploit
383
VMScore
CVE-2014-7138
Cross-site scripting (XSS) vulnerability in the Google Calendar Events plugin prior to 2.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the gce_feed_ids parameter in a gce_ajax action to wp-admin/admin-ajax.php.
Google Calendar Events Project Google Calendar Events
755
VMScore
CVE-2006-0206
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and previous versions allows remote malicious users to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
Light Weight Calendar Light Weight Calendar 1.0
1 EDB exploit
NA
CVE-2023-46613
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions.
Add-to-calendar-button Add To Calendar Button
NA
CVE-2023-3787
A vulnerability classified as problematic was found in Codecanyon Tiva Events Calender 1.4. This vulnerability affects unknown code. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the pu...
Tiva Events Calendar Project Tiva Events Calendar 1.4
755
VMScore
CVE-2008-5737
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Nodstrum Mysql Calendar 1.2
Nodstrum Mysql Calendar 1.1
1 EDB exploit
755
VMScore
CVE-2008-5738
Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
Nodstrum Mysql Calendar 1.1
Nodstrum Mysql Calendar 1.2
1 EDB exploit
755
VMScore
CVE-2018-5315
The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.
Wp Events Calendar Project Wp Events Calendar 1.0
1 EDB exploit
632
VMScore
CVE-2008-2749
Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote malicious users to cause a denial of service (daemon crash) via unspecified vectors.
Sun Java System Calendar Server 6.3
Sun Java System Calendar Server 6
Sun One Calendar Server 6.0
435
VMScore
CVE-2009-1218
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 up to and including 6.3-7.01 allow remote malicious users to inject arbitrary web script or HTML via (1) the fmt-out ...
Sun Java System Calendar Server 6
Sun Java System Calendar Server 6.3
Sun One Calendar Server 6.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »