Lucene search
+L
AaronoutpostAsp Inline Corporate Calendar

4 matches found

CVE
CVE
added 2009/06/27 6:0 p.m.55 views

CVE-2009-2243

The CVE-2009-2243 vulnerability affects the ASP Inline Corporate Calendar, specifically the active_appointments.asp component. The root cause is an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via the sortby parameter. This could lead to data exposure...

7.5CVSS8.3AI score0.00905EPSS
CVE
CVE
added 2009/06/27 6:0 p.m.52 views

CVE-2009-2241

The CVE-2009-2241 issue is an XSS vulnerability in the ASP Inline Corporate Calendar’s search.asp, exploitable via the keyword parameter. The affected component is the search function within the ASP Inline Corporate Calendar application; the underlying cause is improper handling of user-supplied ...

4.3CVSS5.9AI score0.01452EPSS
CVE
CVE
added 2009/06/27 6:0 p.m.47 views

CVE-2009-2242

The CVE-2009-2242 entry describes a SQL injection vulnerability in active_appointments.asp of the ASP Inline Corporate Calendar. The flaw allows remote attackers to inject arbitrary SQL commands via the order parameter, potentially compromising the underlying database. The vulnerability is docume...

6.8CVSS8.7AI score0.00913EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.46 views

CVE-2005-1481

The CVE-2005-1481 entry maps to multiple SQL injection flaws in Aaron Outpost’s ASP Inline Corporate Calendar. OpenVAS details describe both defer.asp and details.asp as vulnerable endpoints taking an Event_ID parameter, enabling remote attackers to inject SQL commands. The underlying issue is im...

7.5CVSS8.5AI score0.01369EPSS