Luxcal Web Calendar@* Security Vulnerabilities and Issues — Luxcal Web Calendar@* CVE List

Lucene search

LuxsoftLuxcal Web Calendar*

4 matches found

CVE•added 2025/02/18 1:15 a.m.•57 views

CVE-2025-25222

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in retrieve.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.

9.8CVSS7.6AI score0.00021EPSS

CVE•added 2025/02/18 1:15 a.m.•56 views

CVE-2025-25223

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains a path traversal vulnerability in dloader.php. If this vulnerability is exploited, arbitrary files on a server may be obtained.

5.8CVSS6.9AI score0.00024EPSS

CVE•added 2025/02/18 1:15 a.m.•49 views

CVE-2025-25224

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains a missing authentication vulnerability in dloader.php. If this vulnerability is exploited, arbitrary files on a server may be obtained.

7.5CVSS7.1AI score0.00029EPSS

CVE•added 2025/02/18 1:15 a.m.•48 views

CVE-2025-25221

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in pdf.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.

9.8CVSS7.6AI score0.00021EPSS