RSS   Podatności dla 'Webcalendar'   RSS

2020-02-04
 
CVE-2013-1422

CWE-203
 

 
webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user").

 
2020-01-27
 
CVE-2012-1496

CWE-74
 

 
Local file inclusion in WebCalendar before 1.2.5.

 
 
CVE-2012-1495

CWE-74
 

 
install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter.

 
2017-08-28
 
CVE-2017-10841

 

 
Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.

 
 
CVE-2017-10840

 

 
Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top