Back to search
CVE-2008-7018
Published: Aug 21, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote attackers to inject arbitrary web script or HTML via the Details field (descr parameter) in an Add New Event action in an unspecified request as generated by an add action in index.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20080928 PHP Calendar Script Remote XSS (Permanent) Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
31478
vdb-entry
x_refsource_BID
easyphpcalendar-addnewevent-xss(45517)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now