Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote malicious users to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
webcalendar webcalendar 0.9.19 |
||
webcalendar webcalendar 0.9.20 |
||
webcalendar webcalendar 0.9.27 |
||
webcalendar webcalendar 0.9.28 |
||
webcalendar webcalendar 0.9.36 |
||
webcalendar webcalendar 0.9.37 |
||
webcalendar webcalendar 0.9.44 |
||
webcalendar webcalendar 0.9.8 |
||
webcalendar webcalendar 0.9.21 |
||
webcalendar webcalendar 0.9.22 |
||
webcalendar webcalendar 0.9.29 |
||
webcalendar webcalendar 0.9.30 |
||
webcalendar webcalendar 0.9.38 |
||
webcalendar webcalendar 0.9.39 |
||
webcalendar webcalendar 0.9.11 |
||
webcalendar webcalendar 0.9.23 |
||
webcalendar webcalendar 0.9.24 |
||
webcalendar webcalendar 0.9.31 |
||
webcalendar webcalendar 0.9.32 |
||
webcalendar webcalendar 0.9.33 |
||
webcalendar webcalendar 0.9.40 |
||
webcalendar webcalendar 0.9.41 |
||
webcalendar webcalendar 0.9.15 |
||
webcalendar webcalendar 0.9.16 |
||
webcalendar webcalendar 0.9.25 |
||
webcalendar webcalendar 0.9.26 |
||
webcalendar webcalendar 0.9.34 |
||
webcalendar webcalendar 0.9.35 |
||
webcalendar webcalendar 0.9.42 |
||
webcalendar webcalendar 0.9.43 |
Vulmon