Vulnerabilities (CVE)

Filtered by vendor Webcalendar Project Subscribe

Filtered by product Webcalendar

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-1422	1 Webcalendar Project	1 Webcalendar	2020-02-11	5.0 MEDIUM	5.3 MEDIUM
webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user").
CVE-2017-10840	1 Webcalendar Project	1 Webcalendar	2017-08-30	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-10841	1 Webcalendar Project	1 Webcalendar	2017-08-30	4.0 MEDIUM	4.9 MEDIUM
Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.