5 matches found
CVE-2026-1508
The Court Reservation WordPress plugin before 1.10.9 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete them via a CSRF attack...
EUVD-2026-10474
The Court Reservation WordPress plugin before 1.10.9 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete them via a CSRF attack...
EUVD-2026-10475
The Court Reservation WordPress plugin before 1.10.9 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete them via a CSRF attack...
CVE-2008-6736
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...
flatcal-bypass.txt
Flat Calendar v1.1 Remote Permission Bypass Vulnerability Author : CrackersChild Dork : Flat Calendar: View All Flat Calendar: View All için yaklaşık 654.000 sonuçtan Exploits: site.com/calenderpath/admin/add.php Adding New Evetns without admin permissions...