5 matches found
CVE-2023-38881
A reflected cross-site scripting XSS vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into any of the 'calendarid', 'schooldate', 'month' or 'year'...
more.groupware <= 0.74 (new_calendarid) Remote SQL Injection Exploit
No description provided by source. ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die oo error - cannot load curl extension!; function exploitheader echo...
CVE-2006-4206
Cross-site scripting XSS vulnerability in calendar.asp in ASPPlayground.NET Forum Advanced Edition 2.4.5 Unicode, and possibly other versions before October 15, 2006, allows remote attackers to inject arbitrary web script or HTML via the calendarID parameter...
EUVD-2006-4196
Cross-site scripting XSS vulnerability in calendar.asp in ASPPlayground.NET Forum Advanced Edition 2.4.5 Unicode, and possibly other versions before October 15, 2006, allows remote attackers to inject arbitrary web script or HTML via the calendarID parameter...
CVE-2005-3024
Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 announcement parameter to announcement.php, the 2 threadforumid or 3 criteria parameters to thread.php, 4 userid parameter to user.php, the 5...