Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-4794. PoCs published by Salvatore Fresta.
AI-analyzed exploit summary The document details SQL injection and XSS vulnerabilities in JS Calendar 1.5.1 for Joomla, providing technical analysis and sample exploit URLs. It lacks functional exploit code but includes specific technical details about the vulnerabilities.
Description
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in a jscalendar action to index.php. NOTE: some of these details are obtained from third party information.
Exploits (1)
The document details SQL injection and XSS vulnerabilities in JS Calendar 1.5.1 for Joomla, providing technical analysis and sample exploit URLs. It lacks functional exploit code but includes specific technical details about the vulnerabilities.