RSS   Vulnerabilities for 'Evcal events calendar'   RSS

2009-03-02
 
CVE-2008-6356

 

 
evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to (1) evcal.mdb and (2) evcal97.mdb.

 

 >>> Vendor: Donnafontenot 2 Products
Evcal events calendar
Mycal personal events calendar


Copyright 2024, cxsecurity.com

 

Back to Top