14 matches found
EUVD-2007-6356
Malware in sbrugna...
AbleDesign MyCalendar 2.20.3 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to conduct cross-site scripting XSS attacks on the blog page...
CVE-2007-6390
CVE-2007-6390 affects the Serendipity mycalendar plugin (pre-0.13). The vulnerability is a CSRF flaw that could allow an attacker to perform actions as a blog administrator, which could be leveraged to enable or facilitate XSS on the blog page. Affected component: mycalendar plugin for Serendipit...
CVE-2007-6390
Cross-site request forgery CSRF vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to conduct cross-site scripting XSS attacks on the blog page...
mycal-xss.txt
MyCalendar multiple XSS By : sn0oPy Risk : medium site : http://abledesign.com/programs/MyCalendar/ exploit : XSS on the search menu : http://www.target.ma/calendar/index.php?go=search XSS on the url : http://www.target.ma/calendar/index.php?go="alertdocument.cookie XSS on the username and passwo...
CVE-2007-1050
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
CVE-2007-1050
CVE-2007-1050 describes multiple cross-site scripting (XSS) vulnerabilities in index.php of AbleDesign MyCalendar. The issue allows remote attackers to inject arbitrary web script or HTML via the following input points: (1) the go parameter, (2) the keyword parameter in the search menu (go=search...
CVE-2007-1050
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
EUVD-2007-1047
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
MyCalendar multiple XSS
MyCalendar multiple XSS By : sn0oPy Risk : medium site : http://abledesign.com/programs/MyCalendar/ exploit : XSS on the search menu : http://www.target.ma/calendar/index.php?go=search XSS on the url : http://www.target.ma/calendar/index.php?go="scriptalertdocument.cookie/script XSS on the userna...
AbleDesign MyCalendar 2.20.3 - index.php Multiple Cross-Site Scripting Vulnerabilities
AbleDesign MyCalendar 2.20.3 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/22635/info MyCalendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...
AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/22635/info MyCalendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...