2 matches found
CVE-2010-2041
PHP-Calendar is prone to Cross Site Scripting (XSS) in index.php, specifically via the parameters (1) description and (2) lastaction, affecting versions before 2.0 Beta7. The vulnerability allows remote attackers to inject arbitrary script/HTML in the web page. Affected product: PHP-Calendar; the...
CVE-2010-2041
Multiple cross-site scripting XSS vulnerabilities in index.php in PHP-Calendar before 2.0 Beta7 allow remote attackers to inject arbitrary web script or HTML via the 1 description and 2 lastaction parameters...