CVE-2024-48465

The MRBS version 1.5.0 has an SQL injection vulnerability in the editentryhandler.php file, specifically in the rooms%5B%5D parameter...

PT-2024-33123 · Mrbs · Mrbs

Name of the Vulnerable Software and Affected Versions: MRBS version 1.5.0 Description: The issue is related to an SQL injection vulnerability found in the edit entry handler.php file, specifically affecting the rooms%5B%5D parameter. Recommendations: For MRBS version 1.5.0, avoid using the...

PT-2024-19511 · Unknown · Webcalendar

Name of the Vulnerable Software and Affected Versions: WebCalendar version 1.3.0 Description: A reflected cross-site scripting XSS issue was discovered in the /WebCalendarvqsmnseug2/edit entry.php component. This issue allows for the execution of malicious scripts on the client-side...

Serendipity cross-site scripting vulnerability (CNVD-2016-00303)

Serendipity is a PHP-based blogging system. Serendipity serendipityadmin.php script fails to adequately filter the 'serendipityentryid' parameter in the 'edit' admin operation. This allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the 1 $name or 2 $description variables in editentryhandler.php, or 3 $url, 4 $tempfullname, or 5 $extusers variables in viewentry.php, different vector...

Jax Calendar v1.34 Remote Permission Bypass Vulnerability

Exploit for php platform in category web applications ========================================================= Jax Calendar v1.34 Remote Permission Bypass Vulnerability ========================================================= FOUND BY: R4M! - email protected DORK: inurl:?do=editentry SCRIPT: Ja...