CVE-2008-7018 in Easy PHP Calendarinfo

Summary

Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote attackers to inject arbitrary web script or HTML via the Details field (descr parameter) in an Add New Event action in an unspecified request as generated by an add action in index.php.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

08/21/2009

Disclosure

08/21/2009

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
49567	NashTech Easy PHP Calendar index.php cross site scripting	79	High	Unavailable	CVE-2008-7018

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!