RSS   Vulnerabilities for 'Apphp calendar'   RSS

2011-10-07
 
CVE-2010-4881

CWE-352
 

 
Multiple cross-site request forgery (CSRF) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to hijack the authentication of unspecified victims for requests that use the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter.

 
 
CVE-2010-4880

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to inject arbitrary web script or HTML via the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter.

 

 >>> Vendor: Apphp 3 Products
Php microcms
Apphp calendar
Hotel site


Copyright 2017, cxsecurity.com