VYPR

JE Ajax Event Calendar

by Joomla

CVEs (2)

  • CVE-2010-4365Dec 1, 2010
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.

  • CVE-2010-2129Jun 1, 2010
    risk 0.03cvss epss 0.05

    Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from…