Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calendar vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2023-21974
Vulnerability in the Application Express Team Calendar Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Team Calendar Plugin: 18.2-22.1. Easily exploitable vulnerability allows low privileged atta...
Oracle Application Express
9
CVSSv3
CVE-2018-1000836
bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in ...
Apereo Bw-calendar-engine
8.8
CVSSv3
CVE-2024-2831
The Calendar plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcodes in all versions up to, and including, 1.3.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it p...
8.8
CVSSv3
CVE-2023-52142
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cool Plugins Events Shortcodes For The Events Calendar.This issue affects Events Shortcodes For The Events Calendar: from n/a up to and including 2.3.1.
Coolplugins Events Shortcodes For The Events Calendar
8.8
CVSSv3
CVE-2023-51354
Cross-Site Request Forgery (CSRF) vulnerability in WebbaPlugins Appointment & Event Booking Calendar Plugin – Webba Booking.This issue affects Appointment & Event Booking Calendar Plugin – Webba Booking: from n/a up to and including 4.5.33.
Webba-booking Webba Booking
8.8
CVSSv3
CVE-2023-50841
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Cal...
Reputeinfosystems Bookingpress
8.8
CVSSv3
CVE-2023-50842
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar: from n/a up to and including 1.2.1.
Mf Gig Calendar Project Mf Gig Calendar
8.8
CVSSv3
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
Phpjabbers Time Slots Booking Calendar 4.0
8.8
CVSSv3
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.
Phpjabbers Availability Booking Calendar 5.0
8.8
CVSSv3
CVE-2023-48744
Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery.This issue affects Availability Calendar: from n/a up to and including 1.2.6.
Offshorewebmaster Availability Calendar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »