14 matches found
CVE-2022-0212
The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
WordPress SpiderCalendar plugin跨站脚本漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress SpiderCalendar plugin is vulnerable to a cross-site scripting vulnerability that stems from the...
CVE-2022-0212
The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0212
The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
Cross site scripting
The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0212
The CVE-2022-0212 entry concerns the WordPress SpiderCalendar/Spider Calendar plugin (versions up to 1.5.65). The root cause is failure to sanitize and escape the callback parameter before echoing it in the page via the window AJAX action, enabling Reflected Cross-Site Scripting for unauthenticat...
CVE-2022-0212 SpiderCalendar <= 1.5.65 - Reflected Cross-Site Scripting
The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
WordPress和WordPress plugin 跨站脚本漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress SpiderCalendar plugin is vulnerable to a cross-site scripting vulnerability that stems from the...
SpiderCalendar <= 1.5.65 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue. Note: Vendor decided to close the plugin and it won't be...
SpiderCalendar <= 1.5.65 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue. Note: Vendor decided to close the plugin and it won't be...
Joomla SpiderCalendar 3.2.17 SQL Injection
Exploit Title : Joomla SpiderCalendar Components 3.2.17 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 25/02/2019 Vendor Homepage : web-dorado.com Software Download Link : web-dorado.com/products/joomla-calendar.html Software Information Link :...
Calendar by WD <= 1.5.51 - Authenticated Blind SQL Injection
The SpiderCalendar WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...
Joomla Component com_spidercalendar SQL Injection
An SQL injection vulnerability has been reported in Joomla Com Spidercalendar. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Joomla com_spidercalendar插件 SQL注入漏洞
No description provided by source...