Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 9:31 a.m.2 views

CVE-2024-12077

The Booking Calendar and Booking Calendar Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘calendarid’ parameter in all versions up to, and including, 3.2.19 and 11.2.19 respectively, due to insufficient input sanitization and output escaping. This makes it...

6.1CVSS6.5AI score0.02566EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/01/07 10:11 a.m.2 views

WordPress Booking Calendar plugin <= 3.2.19 - Reflected Cross-Site Scripting via 'calendar_id' vulnerability

Reflected Cross-Site Scripting via 'calendarid' vulnerability discovered by vgo0 in WordPress Plugin Booking calendar, Appointment Booking System versions = 3.2.19...

6.1CVSS6.3AI score0.02566EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2023/12/07 7:15 a.m.14 views

Input validation

Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...

4.9CVSS7.3AI score0.00205EPSS
Exploits2References2Affected Software1
Hacker One
Hacker Oneadded 2020/02/16 5:18 p.m.86 views

Semrush: IDOR in marketing calendar tool

INTRODUCTION I used two accounts to search for this vulnerability: Id: █████ Email: ██████ Id: ███ Email: ███ IP used: 78.194.169.36 Endpoint URL: https://ec.semrush.com/api/v1/ga/userstatus/?calendarid=CALENDARID EXPLOITATION Description of Security Issue: When a marketing calendar is loaded in...

6.5AI score
Exploits0
OpenVAS
OpenVASadded 2014/05/06 12:0 a.m.21 views

ownCloud 'calendar_id' Parameter privilege Escalation Vulnerability

ownCloud is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...

4CVSS6.7AI score0.00176EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2014/03/14 4:55 p.m.18 views

CVE-2013-2043

apps/calendar/ajax/events.php in ownCloud before 4.5.11 and 5.x before 5.0.6 does not properly check the ownership of a calendar, which allows remote authenticated users to download arbitrary calendars via the calendarid parameter...

4CVSS6AI score0.00176EPSS
Exploits0References2
OwnCloud
OwnCloudadded 2013/05/14 6:11 p.m.37 views

Privilege escalation in the calendar application - ownCloud

Due to not properly checking the ownership of an calendar, an authenticated attacker is able to download calendars of other users via the "calendarid" GET parameter to /apps/calendar/ajax/events.php Note: Successful exploitation of this privilege escalation requires the "calendar" app to be enabl...

4CVSS6.3AI score0.00176EPSS
Exploits0Affected Software1
Rows per page
Query Builder