Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
craig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0252
The dansie shopping cart application cart.pl allows remote malicious users to execute commands via a shell metacharacters in a form variable.
Craig Dansie Dansie Shopping Cart 3.0.4
NA
CVE-2000-0253
The dansie shopping cart application cart.pl allows remote malicious users to modify sensitive purchase information via hidden form fields.
Craig Dansie Dansie Shopping Cart 3.0.4
NA
CVE-2000-0254
The dansie shopping cart application cart.pl allows remote malicious users to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables.
Craig Dansie Dansie Shopping Cart 3.0.4
1 EDB exploit
NA
CVE-2011-4535
Buffer overflow in TurboPower Abbrevia prior to 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and previous versions, ScadaTEC ModbusTagServer 4.1.1.81 and previous versions, and other products, allows remote malicious users to cause a denial of service (application crash) or po...
Craig Peterson Turbopower Abbrevia
Scadatec Scadaphone
Scadatec Modbustagserver
2 EDB exploits
NA
CVE-2012-0846
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote malicious users to inject arbitrary web script or HTML via the Location variable.
K5n Webcalendar 1.2.4
NA
CVE-2012-5385
install/index.php in Craig Knudsen WebCalendar prior to 1.2.5 allows remote malicious users to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.2.4
Webcalendar Project Webcalendar 1.2.3
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.1.2
NA
CVE-2013-1421
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar prior to 1.2.5, 1.2.6, and other versions prior to 1.2.7 allows remote malicious users to inject arbitrary web script or HTML via the Category Name field to category.php.
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.2.6
Webcalendar Project Webcalendar
Webcalendar Project Webcalendar 1.1.2
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2.3
NA
CVE-2012-5384
Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote malicious users to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] vari...
Webcalendar Project Webcalendar -
NA
CVE-2006-1537
Craig Knudsen WebCalendar 1.1.0-CVS allows remote malicious users to obtain sensitive information via a direct request to (1) includes/index.php, (2) tests/add_duration_test.php, (3) tests/all_tests.php, (4) groups.php, (5) nonusers.php, (6) includes/settings.php, (7) includes/in...
Webcalendar Webcalendar 1.1.0
NA
CVE-2007-1343
includes/functions.php in Craig Knudsen WebCalendar prior to 1.0.5 does not protect the noSet variable from external modification, which allows remote malicious users to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant...
Webcalendar Webcalendar 1.0.2
Webcalendar Webcalendar 1.0.3
Webcalendar Webcalendar 1.0.0
Webcalendar Webcalendar 1.0.1
Webcalendar Webcalendar 1.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »