Lucene search
K
Php LiteCalendar Express

4 matches found

CVE
CVE
added 2006/06/12 10:0 p.m.66 views

CVE-2006-2973

CVE-2006-2973 involves multiple SQL injection vulnerabilities in month.php of PHP Lite Calendar Express 2.2 . The issue allows remote attackers to execute arbitrary SQL commands via the (1) and (2) parameters, potentially affecting the application’s database through the affected page. The CVSS ...

7.5CVSS8.4AI score0.0111EPSS
CVE
CVE
added 2007/07/09 4:0 p.m.57 views

CVE-2007-3627

CVE-2007-3627 concerns PHP Lite Calendar Express 2.2 with multiple SQL injection flaws exploitable via the cid parameter in login.php, auth.php, and subscribe.php. The vulnerability allows remote attackers to inject arbitrary SQL commands. The note states that month.php, year.php, week.php, and d...

7.5CVSS8.1AI score0.00931EPSS
CVE
CVE
added 2005/12/05 11:0 a.m.44 views

CVE-2005-4009

Summary of confirmed issues (CVE-2005-4009, CVE-2007-3627, related CVEs): PHP Lite Calendar Express 2.2 and earlier contain multiple SQL injection vulnerabilities. The CVE-2005-4009 entries describe injection via the cid and catid parameters to day.php, week.php, month.php, and year.php. The CVE-...

7.5CVSS8.5AI score0.0133EPSS
CVE
CVE
added 2006/03/28 11:0 a.m.42 views

CVE-2006-1401

CVE-2006-1401 affects Calendar Express 2.2. The issue is multiple XSS in search.php exploitable via the allwords and oneword parameters, allowing remote script/HTML injection. The connected documents confirm the affected component and vulnerability class but do not provide explicit exploit detail...

4.3CVSS5.7AI score0.0118EPSS