CVE

Id
31462  
CVE No.
CVE-2008-1345  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and earlier allows remote attackers to inject arbitrary web script or HTML via the day parameter in a dayview action.  
Phase
Assigned (20080317)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
336947 31462 CVE-2008-1345 BUGTRAQ:20080317 EasyCalendar <= 4.0tr - Multiple Remote Vulnerabilities  View
336948 31462 CVE-2008-1345 URL:http://www.securityfocus.com/archive/1/archive/1/489678/100/0/threaded  View
336949 31462 CVE-2008-1345 MILW0RM:5246  View
336950 31462 CVE-2008-1345 URL:http://www.milw0rm.com/exploits/5246  View
336951 31462 CVE-2008-1345 BID:28232  View
336952 31462 CVE-2008-1345 URL:http://www.securityfocus.com/bid/28232  View
336953 31462 CVE-2008-1345 SECUNIA:29373  View
336954 31462 CVE-2008-1345 URL:http://secunia.com/advisories/29373  View
336955 31462 CVE-2008-1345 XF:easycalendar-calendarbackend-xss(41180)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
47543 JVNDB-2008-002853 eXV2 の Bama Galerie モジュールの viewcat.php における SQL インジェクションの脆弱性 eXV2 の bamaGalerie (Bama Galerie) モジュールの viewcat.php には、SQL インジェクションの脆弱性が存在します。 CVE-2008-1349 31462 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002853.html  View