MidnightBSD

Advisories for nashtech

CVE-2013-1955 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
nashtech easy_php_calendar 7.0.07
nashtech easy_php_calendar 7.0.01
nashtech easy_php_calendar 6.0
nashtech easy_php_calendar 7.0.10
nashtech easy_php_calendar 7.0.00
nashtech easy_php_calendar 7.0.02
nashtech easy_php_calendar 7.0.06
nashtech easy_php_calendar 7.0.11
nashtech easy_php_calendar 7.0.08
nashtech easy_php_calendar *
nashtech easy_php_calendar 7.0.04
nashtech easy_php_calendar 7.0.03
nashtech easy_php_calendar 7.0.09
nashtech easy_php_calendar 7.0.05