Back to search
CVE-2007-1111
Published: Feb 26, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33150
vdb-entry
x_refsource_OSVDB
2299
third-party-advisory
x_refsource_SREASON
ADV-2007-0759
vdb-entry
x_refsource_VUPEN
22705
vdb-entry
x_refsource_BID
33148
vdb-entry
x_refsource_OSVDB
33147
vdb-entry
x_refsource_OSVDB
33149
vdb-entry
x_refsource_OSVDB
20070224 Re: ActiveCalendar 1.2.0, Multiple vulnerabilities
mailing-list
x_refsource_BUGTRAQ
33145
vdb-entry
x_refsource_OSVDB
33152
vdb-entry
x_refsource_OSVDB
33151
vdb-entry
x_refsource_OSVDB
33146
vdb-entry
x_refsource_OSVDB
33153
vdb-entry
x_refsource_OSVDB
20070224 ActiveCalendar 1.2.0, Multiple vulnerabilities
mailing-list
x_refsource_BUGTRAQ
activecalendar-multiple-scripts-xss(32690)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now