78 matches found
EUVD-2009-2688
Malware in sbrugna...
EUVD-2020-29028
Malware in sbrugna...
EUVD-2013-0318
Malware in sbrugna...
EUVD-2023-35042
Malicious code in bioql PyPI...
EUVD-2022-3911
Malicious code in bioql PyPI...
CVE-2025-52131
The Mocca Calendar application before 2.15 for XWiki allows XSS via the background or text color field...
XWiki Contrib Mocca Calendar Application 跨站脚本漏洞
XWiki Contrib Mocca Calendar Application is an open source XWiki plugin for XWiki Contrib. A cross-site scripting vulnerability exists in XWiki Contrib Mocca Calendar Application versions prior to 2.15, which stems from cross-site scripting in the background or text color fields...
CVE-2023-30678
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...
CVE-2011-2409
Cross-site scripting XSS vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Path traversal
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...
iPhone calendar spam: What it is, and how to remove it
If you open up your iPhone and see a variety of messages claiming that youve been hacked, your phone is not protected, that viruses have damaged your phone, or, my personal favourite, "Click to get rid of annoying ads", fear not. Its quite possible youve accidentally wandered into a common form o...
WebCalendar 跨站脚本漏洞
WebCalendar is a PHP application for maintaining calendars for individual users or groups of Intranet users. It can also be configured as an event calendar. WebCalendar suffers from a cross-site scripting vulnerability that originates from an attacker being able to implement stored cross-site...
Cross-site scripting in Apache Tomcat
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
GHSA-J788-FX57-99WP Cross-site scripting in Apache Tomcat
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
Cross-Site Scripting (XSS)
tomcat5 is vulnerable to cross-site scripting XSS. The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text stated, provide a fix for CVE-2009-0781, a cross-site scripting XSS flaw in the examples calendar application. With some web browsers, remote attackers could use this flaw...
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...
Server side request forgery (ssrf)
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...
CVE-2020-8118
CVE-2020-8118 describes an authenticated server-side request forgery (SSRF) in Nextcloud Server 16.0.1 . The vulnerability exists in the calendar application’s “add new subscription” workflow and permits an attacker to detect local and remote services. The connected documents consistently identif...