Vulnerabilities (CVE)

Filtered by vendor Postnuke Software Foundation Subscribe
Filtered by product Postcalendar
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1787 1 Postnuke Software Foundation 1 Postcalendar 2024-11-20 7.5 HIGH N/A
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
CVE-2002-0739 1 Postnuke Software Foundation 1 Postcalendar 2024-11-20 7.5 HIGH N/A
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.