← Back

Postcalendar

postcalendar

Vendor: Postnuke Software Foundation • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-1787
1Postnuke Software Foundation
1Postcalendar
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
CVE-2002-0739
1Postnuke Software Foundation
1Postcalendar
Apr 16, 2026
Aug 12, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.