Lucene search

Event Calendar Security Vulnerabilities

cve

CVE-2007-6365

Cross-site scripting (XSS) vulnerability in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 allows remote attackers to inject arbitrary web script or HTML via the month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party in...

5.5AI Score

0.003EPSS

2022-10-03 04:14 PM

cve

CVE-2018-6398

SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.

9.8CVSS

9.8AI Score

0.003EPSS

2018-01-30 03:29 PM

cve

CVE-2022-36390

Authenticated (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.

5.4CVSS

5.3AI Score

0.001EPSS

2022-09-21 08:15 PM

cve

CVE-2022-38067

Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.

6.5CVSS

5.2AI Score

0.001EPSS

2022-09-09 03:15 PM