SecuritySpace - CVE-2010-0636

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2010-0636

Description: Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web script or HTML via the (1) tab parameter to users.php and the PATH_INFO to (2) day.php, (3) month.php, and (4) week.php. NOTE: some of these details are obtained from third party information.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-0636
BugTraq ID: 38053
http://www.securityfocus.com/bid/38053
http://holisticinfosec.org/content/view/133/45/
http://secunia.com/advisories/38222

CVE ID:	CVE-2010-0636
Description:	Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web script or HTML via the (1) tab parameter to users.php and the PATH_INFO to (2) day.php, (3) month.php, and (4) week.php. NOTE: some of these details are obtained from third party information.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0636 BugTraq ID: 38053 http://www.securityfocus.com/bid/38053 http://holisticinfosec.org/content/view/133/45/ http://secunia.com/advisories/38222