Community Events
Yannick Lefebvre
Developer
1.5.9
Latest version
20
Installations
No date
Last updated
Vulnerability history
0 present
12 patched
5 Mitigation rules
- Authenticated (Administrator+) SQL Injection via 'ce_venue_name' CSV Field vulnerability<= 1.5.807/03/2026
- Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter vulnerability<= 1.5.718/02/2026
- Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability<= 1.5.616/01/2026
- Unauthenticated SQL Injection vulnerability<= 1.5.131/12/2025
- Unauthenticated SQL Injection vulnerability<= 1.5.418/11/2025
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 1.5.203/11/2025
- Unauthenticated SQL Injection vulnerability<= 1.5.107/10/2025
- Admin+ Stored XSS vulnerability< 1.5.105/08/2024
- Event Deletion via CSRF vulnerability< 1.522/07/2024
- Auth. Stored Cross-Site Scripting (XSS) vulnerability<= 1.4.825/11/2022
- SQL Injection<= 1.3.521/04/2015
- SQL Injection<= 1.2.108/09/2011