Vulnerability Details CVE-2008-5061
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/49679
- http://secunia.com/advisories/32640
- http://securityreason.com/securityalert/4590
- http://www.securityfocus.com/bid/32196
- http://www.vupen.com/english/advisories/2008/3077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46456
- https://www.exploit-db.com/exploits/7049
- http://osvdb.org/49679
- http://secunia.com/advisories/32640
- http://securityreason.com/securityalert/4590
- http://www.securityfocus.com/bid/32196
- http://www.vupen.com/english/advisories/2008/3077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46456
- https://www.exploit-db.com/exploits/7049
Products affected by CVE-2008-5061
-
cpe:2.3:a:smolinari:mini_web_calendar:1.2