7 matches found
CVE-2021-27330
Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...
Triconsole 3.75 Cross Site Scripting
Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...
Triconsole 3.75 - Reflected XSS Vulnerability
Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain 0day.today 2021-09-10...
Triconsole 3.75 - Reflected XSS
Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...
CVE-2021-27330
creationtimestamp| type| source ---|---|--- 2021-02-25 18:37:52+00:00| seen| https://t.me/cibsecurity/24135 2021-05-30 02:45:41+00:00| seen| https://t.me/pwnwikizhchannel/535 2023-04-27 09:58:59+00:00| confirmed|...
CVE-2021-27330
Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...
CVE-2021-27330
The CVE-2021-27330 entry describes a cross-site scripting (XSS) vulnerability in Triconsole Datepicker Calendar versions before 3.77, arising from insufficient validation in calendar_form.php. Exploitation could allow an attacker to read active authentication cookies, enabling potential session h...