10 matches found
EUVD-2010-4844
Malware in sbrugna...
EUVD-2010-4845
Malware in sbrugna...
CVE-2010-4880
Multiple cross-site scripting XSS vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to inject arbitrary web script or HTML via the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...
CVE-2010-4881
Multiple cross-site request forgery CSRF vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to hijack the authentication of unspecified victims for requests that use the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to inject arbitrary web script or HTML via the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...
CVE-2010-4880
Multiple cross-site scripting XSS vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to inject arbitrary web script or HTML via the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...
CVE-2010-4880
CVE-2010-4880 : Multiple XSS flaws in calendar.class.php of ApPHP Calendar (ApPHP CAL) allow remote injection of scripts via category_name, category_description, event_name, or event_description parameters. The connected documents confirm the vulnerable component and vectors but do not provide ve...
CVE-2010-4881
Affected product : ApPHP Calendar (ApPHP CAL), specifically the calendar.class.php component. Vulnerability : Multiple cross-site request forgery (CSRF) weaknesses that allow remote attackers to hijack an authenticated user’s session for requests using one of four parameters: category_name, categ...
CVE-2010-4881
Multiple cross-site request forgery CSRF vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to hijack the authentication of unspecified victims for requests that use the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...
ApPHP Calendar XSS - CSRF
Vendor: ApPHP Affected versions: All Script: ApPHP Calendar URL: http://www.apphp.com/php-calendar/index.php Vulnerability type: XSS - CSRF Risk rating: Medium Exploit Attack: XSS - CSRF in calendar.php via POST Vulnerable file: calendar.class.php Vulnerable parameters: - categoryname -...