2 matches found
CVE-2009-3197
Cross-site scripting XSS vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2009-3197
CVE-2009-3197 describes a cross-site scripting (XSS) vulnerability in the PHP Calendars Script by JCE-Tech, specifically in search.php. The flaw lets remote attackers inject arbitrary web script or HTML by supplying a crafted value to the search parameter. The NVD metrics indicate a MEDIUM-severi...