WebCalendar 1.1.6 pref.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...

WebCalendar 1.2.4 - Remote Code Execution

?php / ----------------------------------------------------------------------- WebCalendar = 1.2.4 install/index.php Remote Code Executionn Exploit ----------------------------------------------------------------------- author..........: Egidio Romano aka EgiX mail............:...

CVE-2007-6696

Multiple cross-site scripting XSS vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via 1 an event description, 2 the query string to pref.php, and 3 the adv parameter to search.php. NOTE: vector 1 requires user authentication...

WebCalendar 1.1.6 - 'pref.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...