Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webcalendar vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2012-1495
install/index.php in WebCalendar prior to 1.2.5 allows remote malicious users to execute arbitrary code via the form_single_user_login parameter.
Webcalendar Project Webcalendar
2 EDB exploits
1 Github repository
8.8
CVSSv3
CVE-2012-1496
Local file inclusion in WebCalendar prior to 1.2.5.
Webcalendar Project Webcalendar
1 EDB exploit
6.1
CVSSv3
CVE-2024-22635
WebCalendar v1.3.0 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php.
Webcalendar Project Webcalendar 1.3.0
6.1
CVSSv3
CVE-2017-10840
Cross-site scripting vulnerability in WebCalendar 1.2.7 and previous versions allows an malicious user to inject arbitrary web script or HTML via unspecified vectors.
Webcalendar Project Webcalendar 1.2.7
5.4
CVSSv3
CVE-2023-0289
Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webcalendar prior to master.
Webcalendar Project Webcalendar -
5.3
CVSSv3
CVE-2013-1422
webcalendar prior to 1.2.7 shows the reason for a failed login (e.g., "no such user").
Webcalendar Project Webcalendar
4.9
CVSSv3
CVE-2017-10841
Directory traversal vulnerability in WebCalendar 1.2.7 and previous versions allows authenticated malicious users to read arbitrary files via unspecified vectors.
Webcalendar Project Webcalendar 1.2.7
NA
CVE-2013-1421
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar prior to 1.2.5, 1.2.6, and other versions prior to 1.2.7 allows remote malicious users to inject arbitrary web script or HTML via the Category Name field to category.php.
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.2.6
Webcalendar Project Webcalendar
Webcalendar Project Webcalendar 1.1.2
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2.3
NA
CVE-2012-5384
Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote malicious users to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] vari...
Webcalendar Project Webcalendar -
NA
CVE-2012-5385
install/index.php in Craig Knudsen WebCalendar prior to 1.2.5 allows remote malicious users to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.2.4
Webcalendar Project Webcalendar 1.2.3
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »