100 matches found
PHP iCalendar 1.12.x - search.php Cross-Site Scripting
PHP iCalendar 1.12.x - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PHP iCalendar 1.12.x - print.php Cross-Site Scripting
PHP iCalendar 1.12.x - print.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PHP iCalendar 1.12.x - getdate Cross-Site Scripting
PHP iCalendar 1.12.x - getdate Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PHP iCalendar 1.12.x - preferences.php Cross-Site Scripting
PHP iCalendar 1.12.x - preferences.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
PHP iCalendar 1.12.x - year.php Cross-Site Scripting
PHP iCalendar 1.12.x - year.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PHP iCalendar 1.12.x - day.php Cross-Site Scripting
PHP iCalendar 1.12.x - day.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'year.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'day.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'week.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'print.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'month.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
PHP iCalendar 1.1/2.x - 'getdate' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
CVE-2006-3319
Cross-site scripting XSS vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter...
CVE-2006-3319
Cross-site scripting XSS vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter...
CVE-2006-3319
The CVE-2006-3319 entry corresponds to a Cross-site scripting (XSS) vulnerability in the rss/index.php file of PHP iCalendar 2.22 and earlier. The underlying issue is an injection of arbitrary web script/HTML via the cal parameter, allowing remote attackers to execute injected scripts in victims’...
PHP iCalendar Cross Site Scripting
K.S Advisory irc.gigachat.net kurdhack Thanx : Netqurd,Azad,B3g0k,Fearless,Milex,Flot,ZayBoy,PH,KHA,KCA and other my friends Version : All Version Proof Of Concept : http://www.site.com/phpicalendar/rss/index.php?cal=XSS Original Advisory :...
Authentication flaw
publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and...
Directory traversal
Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in the phpicalendarcookielanguage and phpicalendarcookiestyle cookies, as...