Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Jce-techPhp Calendars Script

4 matches found

CVE
CVEadded 2010/01/21 10:0 p.m.46 views

CVE-2010-0376

CVE-2010-0376 is an XSS vulnerability in JCE-Tech PHP Calendars, specifically in product_list.php where the cat parameter can be exploited to inject arbitrary HTML/Script. The issue is described as arising from a forced SQL error message related to CVE-2010-0375. Connected sources confirm the vul...

4.3CVSS6.3AI score0.0278EPSS
CVE
CVEadded 2009/09/15 9:0 p.m.42 views

CVE-2009-3197

CVE-2009-3197 describes a cross-site scripting (XSS) vulnerability in the PHP Calendars Script by JCE-Tech, specifically in search.php. The flaw lets remote attackers inject arbitrary web script or HTML by supplying a crafted value to the search parameter. The NVD metrics indicate a MEDIUM-severi...

4.3CVSS5.8AI score0.00322EPSS
CVE
CVEadded 2010/01/22 9:20 p.m.41 views

CVE-2010-0380

The CVE-2010-0380 entry concerns JCE-Tech PHP Calendars (install.php) where a direct request can bypass access restrictions and allow modification of application settings. The vulnerability hinges on administrators not following recommendations in the product installation documentation. The provi...

5CVSS6.9AI score0.02237EPSS
CVE
CVEadded 2010/01/21 10:0 p.m.36 views

CVE-2010-0375

CVE-2010-0375 concerns a SQL injection vulnerability in product_list.php of JCE-Tech PHP Calendars, exploitable via the cat parameter to execute arbitrary SQL commands. The vulnerability is documented across multiple sources (NVD/NVD-derived listings, CVE records, and third-party references) with...

7.5CVSS8.3AI score0.00248EPSS