CVE-2007-3182
Calendarix 0.7.20070307 is affected by multiple XSS flaws when PHP register_globals is On. The vulnerabilities allow remote attackers to inject script/HTML via calendar.php year and month parameters, and via cal_footer.inc.php leftfooter parameter (the ycyear parameter is covered by CVE-2006-1835...