Shiba-Design Nukecalendar vulnerabilities
3 known vulnerabilities affecting shiba-design/nukecalendar.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2004-1914HIGHCVSS 7.5PoCv1.1.a2004-12-31
CVE-2004-1914 [HIGH] CVE-2004-1914: SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote
SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to execute arbitrary SQL commands via the eid parameter.
nvd
CVE-2004-1913MEDIUMCVSS 4.3PoCv1.1.a2004-12-31
CVE-2004-1913 [MEDIUM] CVE-2004-1913: Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke,
Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to inject arbitrary web script or HTML via the eid parameter.
nvd
CVE-2004-1912MEDIUMCVSS 5.0PoCv1.1.a2004-12-31
CVE-2004-1912 [MEDIUM] CVE-2004-1912: The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php
The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote attackers to obtain sensitive information via a URL with an invalid argument, which reveals the full path in an error message.
nvd