CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-6289

Malware in sbrugna...

7.5CVSS6.4AI score0.00485EPSS

Exploits1References4

OSV•added 2021/04/12 2:15 p.m.•0 views

CVE-2021-24225

The Advanced Booking Calendar WordPress plugin before 1.6.7 did not sanitise the calId GET parameter in the "Seasons & Calendars" page before outputing it in an A tag, leading to a reflected XSS issue...

5.4CVSS6.1AI score0.00162EPSS

Exploits2References2

OwnCloud•added 2015/08/24 10:9 p.m.•36 views

Server: Calendar export: Authorization Bypass Through User-Controlled Key

Due to not properly checking the ownership of an calendar, an authenticated attacker is able to download calendars of other users via the "calid" GET parameter to export.php in /apps/calendar/ For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...

4CVSS4.4AI score0.00176EPSS

Exploits0Affected Software1

Prion•added 2014/11/04 3:55 p.m.•13 views

Sql injection

SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter...

7.5CVSS9.2AI score0.78024EPSS

Exploits1References5Affected Software1