Lucene search
K

4 matches found

NVD
NVD
added 2023/08/21 9:15 a.m.20 views

CVE-2023-39939

SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it...

9.1CVSS9.5AI score0.00705EPSS
Exploits0References3
CVE
CVE
added 2023/08/21 8:14 a.m.45 views

CVE-2023-39939

CVE-2023-39939 describes an SQL injection in LuxCal Web Calendar prior to 5.2.3M (MySQL) and prior to 5.2.3L (SQLite), allowing remote, unauthenticated attackers to execute arbitrary queries and access/alter data. Connected sources confirm affected LuxCal Web Calendar components and indicate miti...

9.1CVSS9.4AI score0.00705EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/08/21 12:0 a.m.47 views

JVN#04876736: Multiple vulnerabilities in LuxCal Web Calendar

LuxCal Web Calendar provided by LuxSoft contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2023-39543 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N| Base Score: 4.3 SQL...

9.1CVSS7.7AI score0.00705EPSS
Exploits0
SQLite
SQLite
added 2023/01/01 12:0 a.m.26 views

SQLite report about CVE-2023-39939

This is not a bug in SQLite. This is an SQL injection bug in an application LuxCal Web Calendar that links against SQLite. Even though this CVE is not about SQLite, "SQLite" is mentioned in the description and so we list it here...

9.1CVSS9.7AI score0.00705EPSS
Exploits0
Rows per page
Query Builder