RSS   Vulnerabilities for 'Easyphpcalendar'   RSS

2005-07-06
 
CVE-2005-2155

 

 
PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter.

 
2005-04-12
 
CVE-2005-1144

 

 
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message.

 
 
CVE-2005-1143

 

 
Cross-site scripting (XSS) vulnerability in index.php in EasyPHPCalendar before 6.2.8 allows remote attackers to inject arbitrary web script or HTML via the yr parameter.

 


Copyright 2019, cxsecurity.com

 

Back to Top