K5n Webcalendar

8 CVEs affecting K5n Webcalendar. Latest disclosed: 2024-11-15. Critical: 0, High: 0.

Top CVEs affecting K5n Webcalendar
CVESeverityScorePublishedSummary
CVE-2024-1097Medium5.42024-11-15A stored cross-site scripting (XSS) vulnerability exists in craigk5n/webcalendar version 1.3.0. The vulnerability occurs in the 'Report Name' input field while…
CVE-2012-08462012-10-08Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location var…
CVE-2011-38142011-09-24WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals…
CVE-2010-06382010-02-15Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that c…
CVE-2010-06372010-02-12Multiple cross-site request forgery (CSRF) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to hijack the authenti…
CVE-2010-06362010-02-12Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web scrip…
CVE-2008-28362008-06-24PHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the inclu…
CVE-2007-14832007-03-16Multiple PHP remote file inclusion vulnerabilities in WebCalendar 0.9.45 allow remote attackers to execute arbitrary PHP code via a URL in the includedir param…