Ltwcalendar@4.1.3 Security Vulnerabilities and Issues — Ltwcalendar@4.1.3 CVE List

Lucene search

CodewalkersLtwcalendar4.1.3

3 matches found

CVE•added 2006/12/02 2:28 a.m.•37 views

CVE-2006-6228

Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors.

6.8CVSS6.1AI score0.00676EPSS

CVE•added 2006/12/02 2:28 a.m.•37 views

CVE-2006-6229

Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 logs failed passwords, which might allow attackers to infer correct passwords from the log file.

5CVSS6.9AI score0.00343EPSS

CVE•added 2006/06/15 10:2 a.m.•27 views

CVE-2006-3041

PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the ltw_config[include_dir] parameter. NOTE: CVE disputes this claim, since the $ltw_config[include_dir] variable is defined as a s...

7.5CVSS7.9AI score0.00741EPSS