LuxSoft Luxcal 安全漏洞

LuxSoft Luxcal is a web calendar system organized by LuxSoft Belgium. A security vulnerability exists in LuxSoft Luxcal version 4.5.2, which stems from the presence of reflective cross-site scripting in index.php, which could allow an unauthenticated attacker to steal user data...

CVE-2021-45915

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator...

CVE-2021-45914

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator...

Design/Logic Flaw

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator...

Code injection

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator...

CVE-2021-45914

LuxSoft LuxCal Web Calendar (prior to 5.2.0) is affected by an unauthenticated POST request manipulation that lets an attacker cause the attacker’s session to be authenticated as any registered LuxCal user, including an administrator. The root cause is improper handling of POST data that permits ...

CVE-2021-45914

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator...

CVE-2021-45915

LuxSoft LuxCal Web Calendar before 5.2.0 is affected. An unauthenticated attacker can manipulate a cookie value to impersonate any registered user, including the administrator. Root cause: cookie-based session fixation/authentication bypass. Affected version: prior to 5.2.0. Remediation: upgrade ...

LuxSoft LuxCal Web Calendar 授权问题漏洞

LuxSoft LuxCal Web Calendar is a free user-friendly lightweight web-based event calendar from LuxSoft Switzerland. A security vulnerability exists in LuxSoft LuxCal Web Calendar versions prior to 5.2.0. An attacker can exploit this vulnerability to manipulate cookie values...

LuxSoft LuxCal Web Calendar 授权问题漏洞

LuxSoft LuxCal Web Calendar is a free user-friendly lightweight web-based event calendar from LuxSoft Switzerland. A security vulnerability exists in LuxSoft LuxCal Web Calendar versions prior to 5.2.0. An attacker exploited the vulnerability to manipulate POST requests...

LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability

Exploit for php platform in category web applications LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability Author : kaMtiEz email protected Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id Date : 6 July, 2011 Software Information + Vendor ...

LuxCal Web Calendar 2.4.2 / 2.5.0 SQL Injection

LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id Date : 6 July, 2011 Software Information + Vendor : http://www.luxsoft.eu + Download :...