Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP-Calendar prior to 2.0 Beta7 allow remote malicious users to inject arbitrary web script or HTML via the (1) description and (2) lastaction parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php-calendar php-calendar 0.9.1 |
||
php-calendar php-calendar 0.3 |
||
php-calendar php-calendar 0.2 |
||
php-calendar php-calendar 2.0 |
||
php-calendar php-calendar |
||
php-calendar php-calendar 0.6 |
||
php-calendar php-calendar 0.7 |
||
php-calendar php-calendar 1.1 |
||
php-calendar php-calendar 0.8 |
||
php-calendar php-calendar 0.9 |
||
php-calendar php-calendar 0.10 |
||
php-calendar php-calendar 0.1 |
||
php-calendar php-calendar 0.4 |
||
php-calendar php-calendar 0.5 |