CVEDB API

Vulnerabilities

Vulnerable Software

Phpcommunitycalendar: >> Phpcommunitycalendar Security Vulnerabilities

CVE-2006-2797

Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) CalendarDetailsID parameter in (a) month.php, (b) day.php, and (c) delCalendar.php; (2) ID parameter in (d) event.php; (3) AdminUserID parameter in (e) delAdmin.php; (4) EventLocationID parameter in (f) delAddress.php; and (5) LocationID parameter in (g) delCategory.php.

CVSS Score

7.5

EPSS Score

0.005

Published

2006-06-03

CVE-2006-2798

Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) event.php.

CVSS Score

6.8

EPSS Score

0.085

Published

2006-06-03

CVE-2005-2880

Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via the (1) login field in login.php or (2) LocationID parameter to week.php.

CVSS Score

7.5

EPSS Score

0.008

Published

2005-09-14

CVE-2005-2881

phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory.

CVSS Score

7.5

EPSS Score

0.008

Published

2005-09-14

CVE-2005-2882

Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID parameter to (1) thankyou.php or (2) day.php, font parameter to (3) calDaily.php, (4) calMonthly.php, (5) calMonthlyP.php, (6) calWeekly.php, (7) calWeeklyP.php, (8) calYearly.php, (9) calYearlyP.php, (10) day.php, or (11) week.php, or (12) CeTi, (13) Contact, (14) Description, (15) ShowAddress parameter to event.php, and other attack vectors.

CVSS Score

4.3

EPSS Score

0.006

Published

2005-09-14

Page 1

Vulnerabilities

Vulnerable Software

Phpcommunitycalendar: >> Phpcommunitycalendar Security Vulnerabilities

Products

Pricing

Contact Us