CVE-2004-1506

Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:webcalendar:webcalendar:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.15:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.19:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.20:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.21:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.22:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.23:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.24:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.25:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.26:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.27:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.28:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.29:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.30:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.31:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.32:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.33:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.34:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.35:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.36:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.37:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.38:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.39:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.40:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.41:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.42:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.43:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.44:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2004-1506

Mitre link : CVE-2004-1506

CVE.ORG link : CVE-2004-1506


JSON object : View

Products Affected

webcalendar

  • webcalendar