Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Luxcal_web_calendar
(Luxsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 4 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-08-21 | CVE-2023-39543 | Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product. | Luxcal_web_calendar | 6.1 | ||
2023-08-21 | CVE-2023-39939 | SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it. | Luxcal_web_calendar | 9.1 | ||
2023-11-20 | CVE-2023-46700 | SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database. | Luxcal_web_calendar | 9.8 | ||
2023-11-20 | CVE-2023-47175 | Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product. | Luxcal_web_calendar | 6.1 |