{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T01:18:33.871","vulnerabilities":[{"cve":{"id":"CVE-2008-7018","sourceIdentifier":"cve@mitre.org","published":"2009-08-21T14:30:00.390","lastModified":"2026-06-16T23:03:26.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote attackers to inject arbitrary web script or HTML via the Details field (descr parameter) in an Add New Event action in an unspecified request as generated by an add action in index.php."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en NashTech Easy PHP Calendar 6.3.25 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el campo Details (parámetro descr) en una acción Add New Event en una petición no especificada, tal y como es generada por una acción add en index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nashtech:easy_php_calendar:6.3.25:*:*:*:*:*:*:*","matchCriteriaId":"7470B1DC-31D6-4639-9F15-062FB2F52381"}]}]}],"references":[{"url":"http://www.securityfocus.com/archive/1/496796","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/31478","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45517","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/496796","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/31478","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45517","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}