CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Cvelist•added 2023/05/09 3:28 p.m.•15 views

CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

5.4CVSS5.4AI score0.00213EPSS

Exploits0References2

Cvelist•added 2010/02/12 10:0 p.m.•18 views

CVE-2010-0636

Multiple cross-site scripting XSS vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web script or HTML via the 1 tab parameter to users.php and the PATHINFO to 2 day.php, 3 month.php, and 4 week.php. NOTE: some of these details are...

5.7AI score0.00285EPSS

Exploits0References4

Cvelist•added 2008/10/21 12:0 a.m.•12 views

CVE-2008-4620

SQL injection vulnerability in Meeting Room Booking System MRBS before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to 1 month.php, and possibly 2 day.php and 3 week.php...

8.4AI score0.00421EPSS

Exploits0References5

Cvelist•added 2008/08/10 8:0 p.m.•13 views

CVE-2008-3565

Multiple cross-site scripting XSS vulnerabilities in Meeting Room Booking System MRBS 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to 1 day.php, 2 week.php, 3 month.php, 4 search.php, 5 report.php, and 6 help.php. NOTE: the provenance of this...

5.7AI score0.00231EPSS

Exploits1References4

Cvelist•added 2008/06/19 8:0 p.m.•21 views

CVE-2008-2783

Multiple cross-site scripting XSS vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote attackers to inject arbitrary web script or HTML via the timestamp parameter to 1 week.php, 2 workweek.php, and 3 day.php; and 4 the horde parameter in the PATHINFO to the...

5.7AI score0.00246EPSS

Exploits1References2

Packet Storm•added 2007/12/20 12:0 a.m.•17 views

phpical-xss.txt

PHP iCalendar alertdocument.cookie //---------------------------------------\ Greetz To: All Hackers Jose Luis Góngora Fernández / JosS!...

7.4AI score

Exploits0

Prion•added 2006/06/03 1:2 a.m.•7 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 LoName parameter in a week.php and b month.php and 2 AddressLink parameter in c event.php...

6.8CVSS6.1AI score0.0852EPSS

Exploits0References6Affected Software1

NVD•added 2006/06/03 1:2 a.m.•8 views

CVE-2006-2798

6.8CVSS5.8AI score0.0852EPSS

Exploits0References6

NVD•added 2005/09/14 8:3 p.m.•10 views

CVE-2005-2882

Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID parameter to 1 thankyou.php or 2 day.php, font parameter to 3 calDaily.php, 4 calMonthly.php, 5...

4.3CVSS5.8AI score0.00565EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by