jce-tech php_calendars_script CVE Vulnerabilities (4) — All product CPE matches

CVEs: 4 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities for jce-tech php_calendars_script from every vulnerable NVD CPE match row for this product, including cases where the versions table cannot show finer version attributes.

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2010-0380 install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. [email protected] 5.0 1.95% 2010-01-22 2026-06-16
CVE-2010-0376 Cross-site scripting (XSS) vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that occurs from exploitation of CVE-2010-0375. [email protected] 4.3 1.50% 2010-01-21 2026-06-16
CVE-2010-0375 SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. [email protected] 7.5 1.00% 2010-01-21 2026-06-16
CVE-2009-3197 Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter. [email protected] 4.3 1.10% 2009-09-15 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence