Easyphpcalendar Easyphpcalendar : Security vulnerabilities, CVEs

Copy

CVE-2005-2155

PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter.

Max CVSS

7.5

EPSS Score

1.39%

Published

2005-07-06

Updated

2008-09-10

CVE-2005-1144

popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message.

Max CVSS

5.0

EPSS Score

0.56%

Published

2005-04-12

Updated

2008-09-05

CVE-2005-1143

Cross-site scripting (XSS) vulnerability in index.php in EasyPHPCalendar before 6.2.8 allows remote attackers to inject arbitrary web script or HTML via the yr parameter.

Max CVSS

4.3

EPSS Score

0.26%

Published

2005-04-12

Updated

2008-09-05

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!