41 matches found
EUVD-2008-1952
Malware in sbrugna...
EUVD-2006-6013
Malware in sbrugna...
EUVD-2006-0841
Malware in sbrugna...
CVE-2024-8016
The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. This makes it possible for authenticated attackers, with administrator-level access and...
WordPress Booking Calendar Pro plugin <= 11.2.19 - Reflected Cross-Site Scripting via 'calendar_id' vulnerability
Reflected Cross-Site Scripting via 'calendarid' vulnerability discovered by vgo0 in WordPress Plugin Booking Calendar Pro WpDevArt versions = 11.2.19...
CVE-2024-8016
The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. This makes it possible for authenticated attackers, with administrator-level access and...
CVE-2024-8016
The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. This makes it possible for authenticated attackers, with administrator-level access and...
CVE-2024-8016 The Events Calendar Pro <= 7.0.2 - Authenticated (Administrator+) PHP Object Injection to Remote Code Execution
The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. This makes it possible for authenticated attackers, with administrator-level access and...
CVE-2024-8016
CVE-2024-8016 affects The Events Calendar Pro for WordPress. The vulnerability is a PHP Object Injection via deserialization of untrusted input from the widgets’ filters parameter, enabling an attacker with administrator-level access (and in some configs, even lower-privilege users) to inject a P...
WordPress The Events Calendar Pro plugin <= 7.0.2 - Authenticated (Administrator+) PHP Object Injection to Remote Code Execution vulnerability
Authenticated Administrator+ PHP Object Injection to Remote Code Execution vulnerability discovered by István Márton in WordPress Plugin The Events Calendar PRO versions = 7.0.2...
PT-2024-38753
Name of the Vulnerable Software and Affected Versions: The Events Calendar Pro plugin for WordPress versions up to, and including, 7.0.2 Description: The issue is related to PHP Object Injection via deserialization of untrusted input from the filters parameter in widgets. This allows authenticate...
WordPress plugin Events Calendar Pro 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
CVE-2024-1295
The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc...
CVE-2024-1295
The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc...
WordPress The Events Calendar PRO < 6.4.0.1 - Authenticated (Contributor+) Arbitrary Events Access vulnerability
Authenticated Contributor+ Arbitrary Events Access vulnerability discovered by Scott Kingsley Clark in WordPress Plugin The Events Calendar PRO versions 6.4.0.1...
WordPress The Events Calendar PRO Plugin < 6.4.0.1 is vulnerable to Sensitive Data Exposure
Software The Events Calendar PRO Type Plugin Vulnerable versions 6.4.0.1 Fixed in 6.4.0.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-1295 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bc59557889e3 Credits Scott Kingsley Cla...
phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; Example: C:\calphpbb.pl www.site.com /phpBB2/ 2 'Calendar Pro' Mod for phpBB Connecting... + Connected! Sending Data... Data Sent, Waiting for response... + MD5 Hash for user with id=2 is: 81dc9bdb52d04dc20036dbd8313ed055 if @AR...
Web Calendar Pro Dropbase.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16789/info Web Calendar Pro is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
Web Calendar 4.1 (Auth Bypass) SQL Injection Vulnerability
No description provided by source. ! ! ! OOOO O OOOOOOOOO ! ! O O O O O ! ! O O O ! ! O OOOO OOOO OOOOOO OOOO OOO OO O OOOO OO OO OOOO ! ! O OOO OOO O O O O OO O O O O OO O O O ! ! O OO OO O O OOOOOO O O O O O O OOOOOO ! ! O O OOOO O O O O O O O O O O O...
Web Calendar 4.1 - Authentication Bypass
! ! ! OOOO O OOOOOOOOO ! ! O O O O O ! ! O O O ! ! O OOOO OOOO OOOOOO OOOO OOO OO O OOOO OO OO OOOO ! ! O OOO OOO O O O O OO O O O O OO O O O ! ! O OO OO O O OOOOOO O O O O O O OOOOOO ! ! O O OOOO O O O O O O O O O O O ! ! OOOO OO OOOOOO OOOO OOOOOO...