{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-07-18T01:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm"}, {"name": "[oss-security] 20130416 Re: CVE for XSS in EasyPHPCalender script", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/04/16/6"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.easyphpcalendar.com/forums/showthread.php?p=4555"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1955", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm", "refsource": "CONFIRM", "url": "http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm"}, {"name": "[oss-security] 20130416 Re: CVE for XSS in EasyPHPCalender script", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/04/16/6"}, {"name": "http://www.easyphpcalendar.com/forums/showthread.php?p=4555", "refsource": "CONFIRM", "url": "http://www.easyphpcalendar.com/forums/showthread.php?p=4555"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:20:37.318Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm"}, {"name": "[oss-security] 20130416 Re: CVE for XSS in EasyPHPCalender script", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2013/04/16/6"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.easyphpcalendar.com/forums/showthread.php?p=4555"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1955", "datePublished": "2013-07-18T01:00:00Z", "dateReserved": "2013-02-19T00:00:00Z", "dateUpdated": "2024-09-16T19:01:34.521Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:*:*:*:*:*:*:*:*", "matchCriteriaId": "040F7803-37B2-4F6D-961D-613E8A0F0621", "versionEndIncluding": "7.0.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "CEA02E89-9B76-490E-8B82-BA5DBE65B2FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.00:*:*:*:*:*:*:*", "matchCriteriaId": "4807C22D-4A9B-4565-BD17-F99088F31038", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "3088CDA5-5992-4A64-AD26-F61CF86D0124", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "130D0448-1349-4B08-AA63-020FC3B38240", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "7D8F5711-A764-4440-AFC6-27CBE35CC84B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "EAF87F10-849D-4B40-A9B4-32CBFABC5D08", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.05:*:*:*:*:*:*:*", "matchCriteriaId": "ADEE6CC1-47F9-4624-BC80-B7450B8A955A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.06:*:*:*:*:*:*:*", "matchCriteriaId": "B11475CD-31C4-4F5B-BCDC-290CAAD0B255", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.07:*:*:*:*:*:*:*", "matchCriteriaId": "8E7C0266-7E2E-420E-84A8-57209D736D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.08:*:*:*:*:*:*:*", "matchCriteriaId": "87705F3D-90CA-41DC-89A5-E8EB3594D3E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.09:*:*:*:*:*:*:*", "matchCriteriaId": "0FBC4ADB-03EC-4306-98C2-5A27E7E4824F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A80AE072-92B4-4456-9232-1121BF30A3C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nashtech:easy_php_calendar:7.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "B31FE1D0-0685-432E-996D-BDBF8B9273C4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades XSS (cross-site scripting) en (1) index.php y (2) datePicker.php en Easy PHP Calendar v6.x y 7.x anterior a v7.0.13 permite a atacantes remotos inyectar web scripts arbitrarios o HTML mediante vectores no especificados."}], "id": "CVE-2013-1955", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-07-20T03:37:15.583", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm"}, {"source": "secalert@redhat.com", "url": "http://www.easyphpcalendar.com/forums/showthread.php?p=4555"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2013/04/16/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.easyphpcalendar.com/forums/showthread.php?p=4555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2013/04/16/6"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}