CVE ID:	CVE-2007-1050
Description:	Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword parameter in the search menu (go=search), or (3) the username or (4) the password in a go=Login action.
Test IDs:	1.3.6.1.4.1.25623.1.0.57990
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1050 Bugtraq: 20070219 MyCalendar multiple XSS (Google Search) http://www.securityfocus.com/archive/1/archive/1/460598/100/0/threaded http://forums.avenir-geopolitique.net/viewtopic.php?t=2686 BugTraq ID: 22635 http://www.securityfocus.com/bid/22635 http://www.vupen.com/english/advisories/2007/0679 http://osvdb.org/33317 http://osvdb.org/33318 http://osvdb.org/33319 http://secunia.com/advisories/24222 http://securityreason.com/securityalert/2270 XForce ISS Database: mycalendar-index-xss(32581) http://xforce.iss.net/xforce/xfdb/32581

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: