EUVD-2007-0922

Malware in sbrugna...

CVE-2007-0952

Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net Virtual Calendar allow remote attackers to inject arbitrary web script or HTML via the 1 t and 2 yr parameters, and the 3 sho parameter when the m parameter is outside the intended range...

CVE-2007-0952

Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net Virtual Calendar allow remote attackers to inject arbitrary web script or HTML via the 1 t and 2 yr parameters, and the 3 sho parameter when the m parameter is outside the intended range...

CVE-2007-0952

CVE-2007-0952 describes multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar. The issues allow remote attackers to inject arbitrary browser script or HTML via the (1) t and (2) yr parameters, and the (3) sho parameter when the m parameter is outside the intended r...

CVE-2007-0928

The CVE-2007-0928 issue concerns Virtual Calendar where sensitive data is stored under the web root with insufficient access control. This allows remote attackers to download an encoded password via a direct request for pwd.txt, indicating improper access restrictions on sensitive files. Reported...

CVE-2007-0928

Virtual Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an encoded password via a direct request for pwd.txt...

Virtual Calendar <= (pwd.txt) Remote Password Disclosur Vulnerability

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Virtual Calendar = pwd.txt Remote Password Disclosur Vulnerability Script: Virtual Calendar DorK: "intitle:Virtual intitle:Calendar intitle:Demo" URL:...