Known Vulnerabilities for products from Webcalendar Project
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Webcalendar Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-22635 json | 6.1 - MEDIUM | 2024-01-25 | 2024-01-29 | |
| CVE-2023-0289 json | Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webcalendar prior to master. | 5.4 - MEDIUM | 2023-01-13 | 2023-01-20 |
| CVE-2017-10841 json | Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via... | 4.9 - MEDIUM | 2017-08-29 | 2017-08-30 |
| CVE-2017-10840 json | Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML... | 6.1 - MEDIUM | 2017-08-29 | 2017-08-30 |
| CVE-2013-1422 json | webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user"). | 5.3 - MEDIUM | 2020-02-04 | 2020-02-11 |
| CVE-2013-1421 json | Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 al... | 4.3 - MEDIUM | 2014-04-22 | 2020-01-29 |
| CVE-2012-5385 json | install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execu... | 7.5 - HIGH | 2012-10-11 | 2020-01-29 |
| CVE-2012-5384 json | Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary w... | 4.3 - MEDIUM | 2012-10-11 | 2020-01-29 |
| CVE-2012-1496 json | Local file inclusion in WebCalendar before 1.2.5. | 8.8 - HIGH | 2020-01-27 | 2020-01-29 |
| CVE-2012-1495 json | install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_logi... | 9.8 - CRITICAL | 2020-01-27 | 2020-01-29 |
Known software with vulnerabilities from Webcalendar Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Webcalendar Project | Webcalendar | - |