Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Calogic Subscribe
Filtered by product Calogic Calendars
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-0180 1 Calogic 1 Calogic Calendars 2018-10-19 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the "Adding New Event" page, and possibly other vectors, involving iframe tags.
CVE-2006-2570 1 Calogic 1 Calogic Calendars 2017-10-18 7.5 HIGH N/A
PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS["CLPath"] parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue.
CVE-2008-2444 1 Calogic 1 Calogic Calendars 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter.