CVE-2013-1955 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm http://www.easyphpcalendar.com/forums/showthread.php?p=4555 http://www.openwall.com/lists/oss-security/2013/04/16/6