Lucene search
MitreCVELIST:CVE-2012-1835HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-1835
2022-10-0316:15:27
mitre
www.cve.org
1
cross-site scripting
vulnerabilities
all-in-one event calendar
wordpress
remote attackers
arbitrary web script
html
Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4) before_title, or (5) after_title parameter to app/view/agenda-widget.php; (6) button_value parameter to app/view/box_publish_button.php; or (7) msg parameter to /app/view/save_successful.php.
Related
wpvulndb
wpvulndb
All-in-One Event Calendar Plugin 1.4 & 1.5 Multiple XSS
2014-09-27 11:39:17
cve
cve
CVE-2012-1835
2022-10-03 16:15:27
prion
prion
Cross site scripting
2012-08-14 21:55:00
openvas
openvas
patchstack
patchstack
WordPress All-in-One Event Calendar Plugin 1.4 - Multiple Parameter XSS
2012-04-11 00:00:00
WordPress All-in-One Event Calendar Plugin 1.4 - "msg" Parameter XSS
2012-04-11 00:00:00
WordPress All-in-One Event Calendar Plugin 1.4 - "title" Parameter XSS
2012-04-11 00:00:00
packetstorm
packetstorm
WordPress All-In-One Event Calendar 1.4 Cross Site Scripting
2012-04-12 00:00:00
htbridge
htbridge
nuclei
nuclei
WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting
2021-07-14 23:19:57
securityvulns
securityvulns
nvd
nvd
CVE-2012-1835
2012-08-14 21:55:00
rapid7blog
rapid7blog
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
2021-01-29 14:20:22