CVE-2018-12623
https://notcve.org/view.php?id=CVE-2018-12623
An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter. Se detectó un problema en Eventum versión 3.5.0. El archivo htdocs/switch.php presenta un problema de tipo XSS por medio del parámetro current_page. • https://github.com/eventum/eventum/blob/master/CHANGELOG.md https://github.com/eventum/eventum/releases/tag/v3.5.2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-12622
https://notcve.org/view.php?id=CVE-2018-12622
An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter. Se detectó un problema en Eventum versión 3.5.0. El archivo htdocs/ajax/update.php presenta un problema de tipo XSS por medio del parámetro field_name. • https://github.com/eventum/eventum/blob/master/CHANGELOG.md https://github.com/eventum/eventum/releases/tag/v3.5.2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-12621
https://notcve.org/view.php?id=CVE-2018-12621
An issue was discovered in Eventum 3.5.0. /htdocs/switch.php has an Open Redirect via the current_page parameter. Se detectó un problema en Eventum versión 3.5.0. El archivo /htdocs/switch.php presenta un Redireccionamiento Abierto por medio del parámetro current_page. • https://github.com/eventum/eventum/blob/master/CHANGELOG.md https://github.com/eventum/eventum/releases/tag/v3.5.2 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2018-12624
https://notcve.org/view.php?id=CVE-2018-12624
An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter. Se ha descubierto un problema en Eventum versión 3.5.0. /htdocs/post_note.php tiene Cross-Site Scripting (XSS) mediante el parámetro garlic_prefix. • https://github.com/eventum/eventum/blob/master/CHANGELOG.md https://github.com/eventum/eventum/releases/tag/v3.5.2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •