6 matches found
CVE-2025-0929 SQL injection vulnerability in TeamCal Neo
SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could allow an attacker to retrieve, update and delete all database information by injecting a malicious SQL statement via the ‘abs’ parameter in ‘/teamcal/src/index.php’...
TeamCal Neo SQL注入漏洞
TeamCal Neo is a calendar-based web application by George Lewe Personal Developer. A SQL injection vulnerability exists in TeamCal Neo version 3.8.2. An attacker can use this vulnerability to inject malicious SQL statements via the "abs" parameter in "/teamcal/src/index.php" to retrieve, update,...
TeamCal Neo 跨站脚本漏洞
TeamCal Neo is a calendar-based web application from the individual developer George Lewe. A cross-site scripting vulnerability exists in TeamCal Neo version 3.8.2. An attacker can exploit this vulnerability to execute malicious JavaScript code by injecting code via the abs parameter in...
PT-2025-4101 · Unknown · Teamcal Neo
Name of the Vulnerable Software and Affected Versions: TeamCal Neo version 3.8.2 Description: The issue is a Reflected Cross-Site Scripting XSS that allows an attacker to execute malicious JavaScript code. This is achieved by injecting code via the abs parameter in the "/teamcal/src/index.php" AP...
CVE-2020-35724
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the Error.jsp file via the err parameter or indirectly via the cpr, tcp, or abs parameter. NOTE: This vulnerability only affects products that are no...
CVE-2006-6732
PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter...