RSS   Vulnerabilities for 'Mini web calendar'   RSS

2008-11-13
 
CVE-2008-5062

CWE-22
 

 
Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to read arbitrary files via directory traversal sequences in the thefile parameter.

 
 
CVE-2008-5061

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL.

 


Copyright 2024, cxsecurity.com

 

Back to Top