C-3.co.jp » Webcalenderc3 : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: this issue could not be reproduced by the vendor, but a patch was provided anyway. The original researcher is reliable.
Max CVSS
4.3
EPSS Score
0.17%
Published
2010-01-15
Updated
2011-04-29
Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors.
Max CVSS
5.0
EPSS Score
0.20%
Published
2010-01-15
Updated
2011-04-29
2 vulnerabilities found