JVN#23340457: Multiple vulnerabilities in WebCalendar

WebCalendar provided by k5n.us contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-10840 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Directory...

k5n.us XSS vulnerability

Vulnerable URL: http://www.k5n.us/webcalendar.php?topic=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1338652 VIP website status:| No Check k5n.us SSL connection:| Grade: F...

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "WebCalendar 1.2.4...

HTB22930: Multiple XSS in WebCalendar

Vulnerability ID: HTB22930 Reference: http://www.htbridge.ch/advisory/xssinwebcalendar.html Product: WebCalendar Vendor: k5n.us http://www.k5n.us/ Vulnerable Version: 1.2.3 Vendor Notification: 29 March 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tech Bridge ...

WebCalendar 1.2.3 Cross Site Scripting

Vulnerability ID: HTB22930 Reference: http://www.htbridge.ch/advisory/xssinwebcalendar.html Product: WebCalendar Vendor: k5n.us http://www.k5n.us/ Vulnerable Version: 1.2.3 Vendor Notification: 29 March 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tech Bridge ...