2 matches found
CVE-2013-1955
CVE-2013-1955 : The vulnerability affects Easy PHP Calendar 6.x and 7.x, with versions before 7.0.13. It covers two components, index.php and datePicker.php, where remote attackers can inject arbitrary web script or HTML via unspecified vectors (XSS). The descriptions do not specify exploitation ...
CVE-2008-7018
CVE-2008-7018 describes a cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25. An attacker can inject arbitrary web script or HTML via the Details field (descr parameter) when adding a new event in index.php. The affected component is the Add New Event action; the exact ...