EUVD-2020-26776

Malware in sbrugna...

EUVD-2021-8139

Malicious code in bioql PyPI...

CVE-2021-20725

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20725

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20725

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

Cross site scripting

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20725

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20725

CVE-2021-20725 is a reflected cross-site scripting vulnerability in the admin page of PHP Factory Calendar01 free edition v1.0.1 and earlier. The issue allows a remote attacker to inject arbitrary script via unspecified vectors, potentially causing scripts to run in a victim’s browser. Public det...

Php Factory Calendar01 跨站脚本漏洞

Php Factory Calendar01 is a CMS Content Management System for building reservation management websites from PHP Factory Japan. A cross-site scripting vulnerability exists in Calendar01 1.0.1, which stems from insufficient sanitization of user-supplied data in administrative pages. A remote attack...

JVN#53910556: Multiple cross-site scripting vulnerabilities in multiple PHP Factory products

Multiple products provided by PHP Factory contain multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability CWE-79 - CVE-2021-20723 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.7 CVSS v2|...

CVE-2020-5615

Cross-site request forgery CSRF vulnerability in Calendar01 free edition ver1.0.0 and Calendar02 free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVE-2020-5615

Cross-site request forgery CSRF vulnerability in Calendar01 free edition ver1.0.0 and Calendar02 free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Calendar01 free edition ver1.0.0 and Calendar02 free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVE-2020-5615

The CVE-2020-5615 entry concerns CSRF in Calendar01 free edition ver1.0.0 and Calendar02 free edition ver1.0.0 that can allow remote attackers to hijack administrator authentication via unspecified vectors. Public sources in the connected documents identify affected products as Calendar01 and Cal...

JVN#73169744: Multiple vulnerabilities in multiple PHP Factory products

Multiple products provided by PHP Factory contain multiple vulnerabilities listed below. Cross-site Request Forgery CWE-352 - CVE-2020-5615 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score: 4.3 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2....