CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-5952

Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/38408
http://secunia.com/advisories/27490
http://securityreason.com/securityalert/3337
http://www.securityfocus.com/bid/26312
http://osvdb.org/38408
http://secunia.com/advisories/27490
http://securityreason.com/securityalert/3337
http://www.securityfocus.com/bid/26312

Products affected by CVE-2007-5952

Helioscalendar » Helios Calendar » Version: 1.2.1_beta

cpe:2.3:a:helioscalendar:helios_calendar:1.2.1_beta

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-5952

Products

Pricing

Contact Us