16 matches found
CVE-2026-1310 Simple calendar for Elementor <= 1.6.6 - Missing Authorization to Unauthenticated Arbitrary Calendar Entry Deletion
The Simple calendar for Elementor plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.6.6. This is due to missing capability checks on the migaajaxeditorcaldelete function that is hooked to the migaeditorcaldelete AJAX action with both authenticated...
EUVD-2014-3105
Malware in sbrugna...
EUVD-2005-2551
Malware in sbrugna...
UBUNTU-CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent...
SUSE CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
CVE-2014-3084
IBM Maximo Asset Management 6.1 through 6.5, 7.1 through 7.1.1.13, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2.8, 7.1, and 7.2 for Tivoli IT Asset Management for IT and certain other...
Ubuntu 4.10 / 5.04 : evolution vulnerabilities (USN-166-1)
Ulf Harnhammar disovered several format string vulnerabilities in Evolution. By tricking an user into viewing a specially crafted vCard attached to an email, specially crafted contact data from an LDAP server, specially crafted task lists from remote servers, or saving Calendar entries with this...
CVE-2005-4327
Multiple cross-site scripting XSS vulnerabilities in Michael Arndt WebCal 1.11-3.04 allow remote attackers to inject arbitrary web script or HTML via the 1 function, 2 year, and 3 date parameters to webcal.cgi, 4 new calendar entries, and 5 notes for entries...
SUSE-SA:2005:054: evolution
The remote host is missing the patch for the advisory SUSE-SA:2005:054 evolution. Several format string bugs allowed remote attackers to cause evolution to crash or even execute code via full vCard data, contact data from remote LDAP servers, task list data from remote servers CVE-2005-2549 or...
Mandrake Linux Security Advisory : evolution (MDKSA-2005:141)
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 full vCard data, 2 contact data from remote LDAP servers, or 3 task list data from remote servers. CVE-2005-2549 A format...
GLSA-200508-12 : Evolution: Format string vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200508-12 Evolution: Format string vulnerabilities Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task...
CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
DEBIAN-CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...