EUVD-2009-3234

Malware in sbrugna...

CVE-2009-3251

include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the 1 visibility, 2 location, and 3 recurrence fields of a calendar via a custom view...

Cross site scripting

The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-2022-1710 Appointment Hour Booking < 1.3.56 - Admin+ Stored Cross-Site Scripting

The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

WordPress plugin Appointment Hour Booking 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A cross-site scripting vulnerability exists in versions of WordPress prior to Appointment Hour Booking plugi...

CVE-2020-9742

AEM versions 6.5.5.0 and below, 6.4.8.1 and below and 6.3.3.8 and below are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Inbox calendar feature. These scripts may be executed in a victim’s browser when...

Design/Logic Flaw

include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the 1 visibility, 2 location, and 3 recurrence fields of a calendar via a custom view...