PHPJabbers Event Booking Calendar 2.0
Approved changes feed: RSS · Atom
cpe:2.3:a:phpjabbers:event_booking_calendar:2.0:*:*:*:*:*:*:*
part: a version: 2.0 update: *
| Vendor | Phpjabbers (2f919538-31c8-5cbb-b18c-c6079deaeb0d) |
|---|---|
| Product | Event Booking Calendar (adb0e81c-e794-5ae8-8747-68c50d5788b7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-10015 |
vulnerable | 2026-06-03 14:33:40.771953 |
Details available
SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Published: 2015-01-13T11:00:00.000Z
Updated: 2024-09-17T00:41:01.415Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-10014 |
vulnerable | 2026-06-03 14:33:40.771605 |
Details available
Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Event Booking Calendar 2.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change the username and password of the administrator via an update action to the AdminOptions controller or conduct cross-site scripting (XSS) attacks via the (2) event_title parameter in a create action to the AdminEvents controller or (3) category_title parameter in a create action to the AdminCategories controller.
Published: 2015-01-13T11:00:00.000Z
Updated: 2024-08-06T14:02:38.088Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.