Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
luxsoft luxcal vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-45914
In LuxSoft LuxCal Web Calendar prior to 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Luxsoft Luxcal
9.8
CVSSv3
CVE-2021-45915
In LuxSoft LuxCal Web Calendar prior to 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Luxsoft Luxcal
6.1
CVSSv3
CVE-2023-39543
Cross-site scripting vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is using the product.
Luxsoft Luxcal Web Calendar
9.1
CVSSv3
CVE-2023-39939
SQL injection vulnerability in LuxCal Web Calendar before 5.2.3M (MySQL version) and LuxCal Web Calendar before 5.2.3L (SQLite version) allows a remote unauthenticated malicious user to execute arbitrary queries against the database and obtain or alter the information in it.
Luxsoft Luxcal Web Calendar
9.8
CVSSv3
CVE-2023-46700
SQL injection vulnerability in LuxCal Web Calendar before 5.2.4M (MySQL version) and LuxCal Web Calendar before 5.2.4L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information...
Luxsoft Luxcal Web Calendar
6.1
CVSSv3
CVE-2023-47175
Cross-site scripting vulnerability in LuxCal Web Calendar before 5.2.4M (MySQL version) and LuxCal Web Calendar before 5.2.4L (SQLite version) allows a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is accessing the product...
Luxsoft Luxcal Web Calendar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started