Postcalendar
by Warpspeed
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-33914 | 0.00 | — | 0.00 | Mar 25, 2026 | OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the PostCalendar module contains a blind SQL injection vulnerability in the `categoriesUpdate` administrative function. The `dels` POST parameter is… | |||
| CVE-2004-1787 | 0.00 | — | 0.01 | Dec 31, 2004 | SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries. | |||
| CVE-2002-0739 | 0.00 | — | 0.02 | Aug 12, 2002 | Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. |
- CVE-2026-33914Mar 25, 2026risk 0.00cvss —epss 0.00
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the PostCalendar module contains a blind SQL injection vulnerability in the `categoriesUpdate` administrative function. The `dels` POST parameter is…
- CVE-2004-1787Dec 31, 2004risk 0.00cvss —epss 0.01
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
- CVE-2002-0739Aug 12, 2002risk 0.00cvss —epss 0.02
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.