Lucene search
+L

100 matches found

exploitpack
exploitpack
added 2006/12/27 12:0 a.m.8 views

PHP iCalendar 1.12.x - search.php Cross-Site Scripting

PHP iCalendar 1.12.x - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/12/27 12:0 a.m.11 views

PHP iCalendar 1.12.x - print.php Cross-Site Scripting

PHP iCalendar 1.12.x - print.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/12/27 12:0 a.m.11 views

PHP iCalendar 1.12.x - getdate Cross-Site Scripting

PHP iCalendar 1.12.x - getdate Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/12/27 12:0 a.m.12 views

PHP iCalendar 1.12.x - preferences.php Cross-Site Scripting

PHP iCalendar 1.12.x - preferences.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Exploits0
exploitpack
exploitpack
added 2006/12/27 12:0 a.m.13 views

PHP iCalendar 1.12.x - year.php Cross-Site Scripting

PHP iCalendar 1.12.x - year.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/12/27 12:0 a.m.22 views

PHP iCalendar 1.12.x - day.php Cross-Site Scripting

PHP iCalendar 1.12.x - day.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

6.8AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.26 views

PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.22 views

PHP iCalendar 1.1/2.x - 'year.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.14 views

PHP iCalendar 1.1/2.x - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.22 views

PHP iCalendar 1.1/2.x - 'day.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.21 views

PHP iCalendar 1.1/2.x - 'week.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.19 views

PHP iCalendar 1.1/2.x - 'print.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.20 views

PHP iCalendar 1.1/2.x - 'month.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/12/27 12:0 a.m.17 views

PHP iCalendar 1.1/2.x - 'getdate' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
nvd
nvd
added 2006/06/30 1:5 a.m.18 views

CVE-2006-3319

Cross-site scripting XSS vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter...

4.3CVSS5.7AI score0.01368EPSS
Exploits1References7
cvelist
cvelist
added 2006/06/30 1:0 a.m.23 views

CVE-2006-3319

Cross-site scripting XSS vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter...

5.7AI score0.01368EPSS
Exploits1References7
cve
cve
added 2006/06/30 1:0 a.m.53 views

CVE-2006-3319

The CVE-2006-3319 entry corresponds to a Cross-site scripting (XSS) vulnerability in the rss/index.php file of PHP iCalendar 2.22 and earlier. The underlying issue is an injection of arbitrary web script/HTML via the cal parameter, allowing remote attackers to execute injected scripts in victims’...

4.3CVSS6AI score0.01368EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2006/06/30 12:0 a.m.33 views

PHP iCalendar Cross Site Scripting

K.S Advisory irc.gigachat.net kurdhack Thanx : Netqurd,Azad,B3g0k,Fearless,Milex,Flot,ZayBoy,PH,KHA,KCA and other my friends Version : All Version Proof Of Concept : http://www.site.com/phpicalendar/rss/index.php?cal=XSS Original Advisory :...

0.9AI score
Exploits0
prion
prion
added 2006/03/19 11:2 p.m.16 views

Authentication flaw

publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and...

7.5CVSS7.9AI score0.06934EPSS
Exploits1References5Affected Software1
prion
prion
added 2006/03/19 11:2 p.m.17 views

Directory traversal

Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in the phpicalendarcookielanguage and phpicalendarcookiestyle cookies, as...

5CVSS7.7AI score0.02783EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder