Description
Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline Corporate Calendar allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Bl@ckbe@rD · textwebappsasp
https://www.exploit-db.com/exploits/8756
References (4)
Core 4
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35054
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/50666
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/8756
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35187
Scores
EPSS
0.0190
EPSS Percentile
83.3%
Details
CWE
CWE-79
Status
published
Products (1)
aaronoutpost/asp_inline_corporate_calendar
Published
Jun 27, 2009
Tracked Since
Feb 18, 2026