Webcalendar Security Vulnerabilities and Issues — Webcalendar CVE List

Lucene search

Webcalendar ProjectWebcalendar

3 matches found

CVE•added 2017/08/29 1:35 a.m.•45 views

CVE-2017-10841

Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.

4.9CVSS5.2AI score0.02181EPSS

CVE•added 2012/10/11 3:55 p.m.•36 views

CVE-2012-5384

Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, ...

4.3CVSS5.5AI score0.00619EPSS

CVE•added 2014/04/22 2:23 p.m.•33 views

CVE-2013-1421

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

4.3CVSS5.9AI score0.00254EPSS