QwikSec

Security Database

CVE

CWE

Training

CVE-2010-4880

Published: Oct 7, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to inject arbitrary web script or HTML via the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20100831 ApPHP Calendar XSS - CSRF

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.org/1008-advisories/apphp-xssxsrf.txt

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.