VYPR

Postcalendar

by Warpspeed

CVEs (3)

  • CVE-2026-33914Mar 25, 2026
    risk 0.00cvss epss 0.00

    OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the PostCalendar module contains a blind SQL injection vulnerability in the `categoriesUpdate` administrative function. The `dels` POST parameter is…

  • CVE-2004-1787Dec 31, 2004
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.

  • CVE-2002-0739Aug 12, 2002
    risk 0.00cvss epss 0.02

    Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.