Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting

Triconsole Datepicker Calendar before 3.77 contains a cross-site scripting vulnerability in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents. id:...

CVE-2021-27330

Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...

Triconsole Datepicker Calendar Cross-Site Scripting Vulnerability

Triconsole Datepicker Calendar is a Triconsole open source application. Provides a calendar component . A cross-site scripting vulnerability exists in Triconsole Datepicker Calendar prior to version 3.77, which stems from calendarform.php not fully validating user input, which allows an attacker ...

Triconsole 3.75 - Reflected XSS

Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...

Triconsole 3.75 - Reflected XSS Vulnerability

Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain 0day.today 2021-09-10...

Triconsole 3.75 Cross Site Scripting

Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...

CVE-2021-27330

Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...

CVE-2021-27330

Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...

Cross site scripting

Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...

CVE-2021-27330

Triconsole Datepicker Calendar 3.77 is affected by cross-site scripting XSS in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents...

CVE-2021-27330

The CVE-2021-27330 entry describes a cross-site scripting (XSS) vulnerability in Triconsole Datepicker Calendar versions before 3.77, arising from insufficient validation in calendar_form.php. Exploitation could allow an attacker to read active authentication cookies, enabling potential session h...

Triconsole Datepicker Calendar 跨站脚本漏洞

Triconsole Datepicker Calendar is a Triconsole open source application. Provides a calendar component . A cross-site scripting vulnerability exists in Triconsole Datepicker Calendar prior to version 3.77, which stems from calendarform.php not fully validating user input, which allows an attacker ...