Postnuke Software Foundation Postcalendar — known CVE vulnerabilities
Every CVE whose affected-product data names Postnuke Software Foundation Postcalendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2002-0739 — CVSS 7.5 (high): Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a…
CVE-2004-1787 — CVSS 7.5 (high): SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.