CVE-2025-0929 SQL injection vulnerability in TeamCal Neo

SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could allow an attacker to retrieve, update and delete all database information by injecting a malicious SQL statement via the ‘abs’ parameter in ‘/teamcal/src/index.php’...

PT-2025-4101 · Unknown · Teamcal Neo

Name of the Vulnerable Software and Affected Versions: TeamCal Neo version 3.8.2 Description: The issue is a Reflected Cross-Site Scripting XSS that allows an attacker to execute malicious JavaScript code. This is achieved by injecting code via the abs parameter in the "/teamcal/src/index.php" AP...

TeamCal Neo 跨站脚本漏洞

TeamCal Neo is a calendar-based web application from the individual developer George Lewe. A cross-site scripting vulnerability exists in TeamCal Neo version 3.8.2. An attacker can exploit this vulnerability to execute malicious JavaScript code by injecting code via the abs parameter in...

TeamCal Neo SQL注入漏洞

TeamCal Neo is a calendar-based web application by George Lewe Personal Developer. A SQL injection vulnerability exists in TeamCal Neo version 3.8.2. An attacker can use this vulnerability to inject malicious SQL statements via the "abs" parameter in "/teamcal/src/index.php" to retrieve, update,...

CVE-2020-35724

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the Error.jsp file via the err parameter or indirectly via the cpr, tcp, or abs parameter. NOTE: This vulnerability only affects products that are no...

CVE-2006-6732

PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter...