30 matches found
EUVD-2020-16502
Malware in sbrugna...
CVE-2023-3787
A vulnerability classified as problematic was found in Codecanyon Tiva Events Calender 1.4. This vulnerability affects unknown code. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
Cross site scripting
A vulnerability classified as problematic was found in Codecanyon Tiva Events Calender 1.4. This vulnerability affects unknown code. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
CVE-2023-3787
CVE-2023-3787 affects Codecanyon Tiva Events Calender version 1.4. The root cause is manipulation of the name argument, enabling cross-site scripting. Exploitation is described as remote and the exploit has been disclosed publicly; multiple sources corroborate XSS in this product. Remediation det...
PT-2023-26150 · Unknown · Codecanyon Tiva Events Calender
Name of the Vulnerable Software and Affected Versions: Codecanyon Tiva Events Calender version 1.4 Description: A problematic vulnerability was found in the software, affecting unknown code. The manipulation of the name argument leads to cross-site scripting. The attack can be initiated remotely...
Tiva Events Calender 1.4 Cross Site Scripting
Document Title: =============== Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2276 Release Date: ============= 2023-07-05 Vulnerability Laboratory ID VL-ID:...
WordPress Larsens Calender plugin cross-site scripting vulnerability
WordPress Larsens Calender is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Larsens Calender plugin version 1.2 and earlier versions, which can be exploited by remote attackers to execute arbitrary web scripts via the "Eintrage hinzufuge...
CVE-2020-23762
Cross Site Scripting XSS vulnerability in the Larsens Calender plugin Version = 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hinzufugen" tab...
CVE-2020-23762
Cross Site Scripting XSS vulnerability in the Larsens Calender plugin Version = 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hinzufugen" tab...
CVE-2020-23762
The CVE-2020-23762 entry concerns the WordPress plugin Larsens Calender (versions
WordPress 插件 跨站脚本漏洞
WordPress Larsens Calender is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Larsens Calender plugin version 1.2 and earlier versions, which can be exploited by remote attackers to execute arbitrary web scripts via the "Eintrage hinzufuge...
WordPress Larsens Calender plugin <= 1.2 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by TH3 HIDD3N 0N3 in WordPress Larsens Calender plugin versions = 1.2. Solution This plugin has been closed as of April 12, 2021 and is not available for download. This closure is temporary, pending a full review...
Larsens Calender <= 1.2 - Stored Cross-Site Scripting (XSS)
The plugin does not sanitise or encode the Title of the calendar entries when outputting them in the admin dashboard, leading to Stored XSS issue. Due to the lack of CSRF check, this can be exploited by a CSRF attack, making logged in administrators create malicious entries The PoC will be...
Larsens Calender <= 1.2 - Stored Cross-Site Scripting (XSS)
The plugin does not sanitise or encode the Title of the calendar entries when outputting them in the admin dashboard, leading to Stored XSS issue. Due to the lack of CSRF check, this can be exploited by a CSRF attack, making logged in administrators create malicious entries PoC The PoC will be...
CVE-2016-10716
The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...
Nextcloud 'Calender and Addressbook' Information Disclosure Vulnerability - Linux
Nextcloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Olat CMS 7.8.0.1 - Persistent XSS
No description provided by source. Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID:...
Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability
Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID: ====================================...
Document Title: =============== GTX CMS 2013 Optima - Multiple Web Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1124 Release Date: ============= 2013-10-29 Vulnerability
Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID: ====================================...
Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting
Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID: ====================================...