
73 matches found

RedhatCVE
added 2026/01/09 10:19 a.m., 4 views

CVE-2019-18347

A stored XSS issue was discovered in DAViCal through 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in those fields to be executed by another possibly privileged user. Affected database fields include...

CVSS 5.4, AI score 5.7, EPSS 0.0075
Exploits 4, References 1

RedhatCVE
added 2026/01/09 10:18 a.m., 3 views

CVE-2019-18345

A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an...

CVSS 9.3, AI score 6.1, EPSS 0.00915
Exploits 4, References 1

RedhatCVE
added 2026/01/09 10:17 a.m., 3 views

CVE-2019-18346

A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user...

CVSS 8.8, AI score 6.7, EPSS 0.01108
Exploits 4, References 1

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2019-8134

Malware in sbrugna...

CVSS 8.8, AI score 8.5, EPSS 0.01108
Exploits 4, References 12

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-4071

Malware in sbrugna...

CVSS 9.8, AI score 9.2, EPSS 0.00472
Exploits 1, References 5

EUVD
added 2025/10/07 12:30 a.m., 0 views

EUVD-2020-4070

Malware in sbrugna...

CVSS 7.5, AI score 7.6, EPSS 0.0045
Exploits 0, References 7

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2019-8133

Malware in sbrugna...

CVSS 9.3, AI score 9.1, EPSS 0.00915
Exploits 4, References 10

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2019-8135

Malware in sbrugna...

CVSS 5.4, AI score 5.3, EPSS 0.0075
Exploits 4, References 12

Tenable Nessus
added 2025/08/27 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-18346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests ...

CVSS 8.8, AI score 8, EPSS 0.01108
Exploits 4, References 2

Tenable Nessus
added 2025/08/18 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-18347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stored XSS issue was discovered in DAViCal through 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, maki...

CVSS 5.4, AI score 5.6, EPSS 0.0075
Exploits 4, References 2

RedhatCVE
added 2025/05/22 3:48 p.m., 5 views

CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, used to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

CVSS 9.8, AI score 6.6, EPSS 0.00472
Exploits 1, References 1

RedhatCVE
added 2025/05/22 3:09 p.m., 4 views

CVE-2020-11728

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time and the incrementing sessionid can impersonate a session...

CVSS 7.5, AI score 6.7, EPSS 0.0045
Exploits 0, References 1

Tenable Nessus
added 2020/09/25 12:00 a.m., 24 views

Ubuntu 20.04 LTS : AWL vulnerability (USN-4539-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4539-1 advisory. Andrew Bartlett discovered that DAViCal Andrew's Web Libraries AWL did not properly manage session keys. An attacker could possibly use this issue to impersonate ...

CVSS 7.5, AI score 7.8, EPSS 0.0045
Exploits 0, References 2

Debian
added 2020/04/21 11:43 a.m., 20 views

[SECURITY] [DSA 4660-1] awl security update

Debian Security Advisory DSA-4660-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 21, 2020 https://www.debian.org/security/faq ...

CVSS 7.5, AI score 2.3, EPSS 0.00472
Exploits 1

Debian
added 2020/04/21 11:43 a.m., 33 views

[SECURITY] [DSA 4660-1] awl security update

Debian Security Advisory DSA-4660-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 21, 2020 https://www.debian.org/security/faq ...

CVSS 9.8, AI score 9.2, EPSS 0.00472
Exploits 1

Tenable Nessus
added 2020/04/20 12:00 a.m., 30 views

Debian DLA-2178-1 : awl security update

Following CVEs were reported against the awl source package: CVE-2020-11728 An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time and the incrementing session...

CVSS 9.8, AI score 8, EPSS 0.00472
Exploits 1, References 4

CNVD
added 2020/04/16 12:00 a.m., 1 view

DAViCal Andrew's Web Libraries Authorization Issues Vulnerability

DAViCal Andrew's Web Libraries AWL is an AWL project that focuses on providing some shared PHP libraries for DAViCal, a calendar sharing server. An authorization issue vulnerability exists in DAViCal AWL version 0.60 and earlier. A remote attacker could exploit this vulnerability to impersonate a...

CVSS 9.8, AI score 7, EPSS 0.00472
Exploits 1, References 1

NVD
added 2020/04/15 4:15 p.m., 14 views

CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, used to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

CVSS 9.8, AI score 9.4, EPSS 0.00472
Exploits 1, References 4

OSV
added 2020/04/15 4:15 p.m., 11 views

CVE-2020-11728

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time and the incrementing sessionid can impersonate a session...

CVSS 7.5, AI score 9.4
Exploits 0, References 5

OSV
added 2020/04/15 4:15 p.m., 1 view

DEBIAN-CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, used to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

CVSS 9.8, AI score 8.5, EPSS 0.00472
Exploits 1, References 1