Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.5 views

CVE-2024-12077

The Booking Calendar and Booking Calendar Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘calendarid’ parameter in all versions up to, and including, 3.2.19 and 11.2.19 respectively, due to insufficient input sanitization and output escaping. This makes it...

6.1CVSS6.5AI score0.00361EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/02/16 5:18 p.m.90 views

Semrush: IDOR in marketing calendar tool

INTRODUCTION I used two accounts to search for this vulnerability: Id: █████ Email: ██████ Id: ███ Email: ███ IP used: 78.194.169.36 Endpoint URL: https://ec.semrush.com/api/v1/ga/userstatus/?calendarid=CALENDARID EXPLOITATION Description of Security Issue: When a marketing calendar is loaded in...

6.5AI score
Exploits0
OpenVAS
OpenVAS
added 2014/05/06 12:0 a.m.22 views

ownCloud 'calendar_id' Parameter privilege Escalation Vulnerability

ownCloud is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...

4CVSS6.7AI score0.01422EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/03/14 4:55 p.m.21 views

CVE-2013-2043

apps/calendar/ajax/events.php in ownCloud before 4.5.11 and 5.x before 5.0.6 does not properly check the ownership of a calendar, which allows remote authenticated users to download arbitrary calendars via the calendarid parameter...

4CVSS6AI score0.01422EPSS
Exploits0References2
Rows per page
Query Builder